When I set up httpd on our system originally, I cleverly set up the
publicly available http directory as though it were a "user". I.e. our
user home directories are "/home/dean2", "/home/joe", etc. and the
public http directory is "/home/httpd".
I'd like to allow users to set up anything they want in their publicly
accessible http directories. However, I'd like to retain the
possibility of restricting access as needed to the system's public http
directory. So, as I understand it, I should be able to have an
access.conf as follows:
Directory /home
Options All
Directory /home/httpd
Options All
Method GET {
allow from all
}
Am I correct in assuming that the "/home/httpd" entry will override the
settings on the "/home" entry for the httpd directory? Of course the
example presented is completely permissive, but that may change.
Or, am I being stupid? Should I just have the "/home" entry and a
.htaccess file in /home/httpd? Is that better, worse, or the same as
this scheme?
Thanks!
-Dean
--
N. Dean Pentcheff
Biological Sciences, Univ. of South Carolina, Columbia SC 29208 (803-777-8998)
Internet addresses: pent...@pascal.acm.org or de...@tbone.biol.scarolina.edu
: When I set up httpd on our system originally, I cleverly set up the
: publicly available http directory as though it were a "user". I.e. our
: user home directories are "/home/dean2", "/home/joe", etc. and the
: public http directory is "/home/httpd".
: I'd like to allow users to set up anything they want in their publicly
: accessible http directories. However, I'd like to retain the
: possibility of restricting access as needed to the system's public http
: directory. So, as I understand it, I should be able to have an
: access.conf as follows:
: Directory /home
: Options All
:
: Directory /home/httpd
: Options All
: Method GET {
: allow from all
: }
: Am I correct in assuming that the "/home/httpd" entry will override the
: settings on the "/home" entry for the httpd directory? Of course the
: example presented is completely permissive, but that may change.
Yes, you are. The only ones it would not override is if you had, say, Method
in /home and no Method in /home/httpd.
Setting up a .htaccess file would only affect requests for things in that
directory, which is a limitation I forgot to mention in the docs. Example:
If I have a .htaccess in /home, and I request /~joe/foo.html, the server
will NOT look in /home/.htaccess for security information.
Hope this helps
--Rob
--
Rob McCool, ro...@ncsa.uiuc.edu
Software Development Group, National Center for Supercomputing Applications
It was working ten minutes ago, I swear...