Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Tips/Tricks/Mods
Reload this Page Apache 2.2 - is there way how to allow only Options=Indexes f?
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 19th March 2009, 18:20
radim_h radim_h is offline
Senior Member
  
Join Date: Jan 2007
Location: Prague, Czech
Posts: 402
Thanks: 31
Thanked 23 Times in 18 Posts
Send a message via ICQ to radim_h
Default Apache 2.2 - is there way how to allow only Options=Indexes f?
Default ISPC setting in /etc/apache2/apache2.confapac for web and users webs is:
<Directory /var/www/*/web>
Options +Includes -Indexes
AllowOverride None
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>


Which is good for security, because when set to AllowOverride Options, user can run CGI scripts and much more as described in manual http://httpd.apache.org/docs/2.2/mod/core.html#options

But it can be very helpfull allow Overwrite Options Indexes + for users in .htacess files as setting browsable directories handy for every customer is really annoying.

Haven't you guys seens any patch or hack to allow only Options Indexes for users?
I have seen some hosting companies which says that there is Only Options=Indexes allowed for their users so i'm wondering if they are using some own modifications of apache or how they do it
???

Thanks for any hint

I'm using debian Lenny with latest apache 2.2.9-10+lenny2
Reply With Quote
Sponsored Links
  #2  
Old 20th March 2009, 13:32
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,592 Times in 2,443 Posts
Default
You can use something like this in the Apache Directives field of a web site:
Code:
<Directory /var/www/web1/web>
  Options Indexes
</Directory>
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 23rd March 2009, 10:51
radim_h radim_h is offline
Senior Member
  
Join Date: Jan 2007
Location: Prague, Czech
Posts: 402
Thanks: 31
Thanked 23 Times in 18 Posts
Send a message via ICQ to radim_h
 
Default
sorry for bothering, reading Apache manual does the work.
Allowing all Options is not good, then user can run cgi sripts etc..
to allow only indexes it has to look this way:

AllowOverride Indexes AuthConfig Limit FileInfo Options=Indexes

(i have tried this option before, don't understand why it didnt work, probably problem somewhere between keyboard and chair .o) )

list of allowed parameters for Options has to be separated by comma

http://httpd.apache.org/docs/2.2/mod...#allowoverride
Last edited by radim_h; 23rd March 2009 at 10:53.
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
CENTOS 5 Ping Problem gAnDo Server Operation 11 28th March 2008 20:58
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Apache 2.2 with mod_proxy_balancer meekish Installation/Configuration 1 10th September 2006 14:17
mod_mono apache 2.2 ColdDoT Server Operation 5 23rd May 2006 02:58
Problem with the installation of Dokeos (LMS) in ISPConfig jofranco General 4 28th April 2006 00:45


All times are GMT +2. The time now is 05:42.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.