Overview
Request 209698 accepted
- revert last change about Require directive to avoid spurious 403
errors due to conflicts with Require vs. Deny/Allow.
The problem:
In /etc/apache2/httpd.conf, the permissions are set for "/" using
<Directory /> ... Require all denied </Directory>. This overrides
all subsequent Allow/Deny directives that may be present in an
older confguration and leads to a 403 unless configured otherwise
with a further "Require all granted" down in a directory or vhost.
This cannot be guaranteed, though, and numerous configurations
also from add-ons that bring their own /etc/apache2/conf.d config
file make use of the Deny/Allow directives.
This looks like we'll stick with the compiled-in mod_access_compat
for a while. [bnc#854263]
Request History
draht created request
- revert last change about Require directive to avoid spurious 403
errors due to conflicts with Require vs. Deny/Allow.
The problem:
In /etc/apache2/httpd.conf, the permissions are set for "/" using
<Directory /> ... Require all denied </Directory>. This overrides
all subsequent Allow/Deny directives that may be present in an
older confguration and leads to a 403 unless configured otherwise
with a further "Require all granted" down in a directory or vhost.
This cannot be guaranteed, though, and numerous configurations
also from add-ons that bring their own /etc/apache2/conf.d config
file make use of the Deny/Allow directives.
This looks like we'll stick with the compiled-in mod_access_compat
for a while. [bnc#854263]
msmeissn accepted request
ok
