Hi,
I just installed Apache 2.2 and I'm trying to configure the security rules, starting with a simple task...Deny from all and then I will Allow access for specific directories.
In httpd.conf I have
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "/ms4w/Apache/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
I thought that configuration would forbid access to all the pages under .../htdocs/ but not.
What is the configuration I should write to do what I want?
Is what I'm trying to do good practice?
thanks a lot?
steve
I just installed Apache 2.2 and I'm trying to configure the security rules, starting with a simple task...Deny from all and then I will Allow access for specific directories.
In httpd.conf I have
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "/ms4w/Apache/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
I thought that configuration would forbid access to all the pages under .../htdocs/ but not.
What is the configuration I should write to do what I want?
Is what I'm trying to do good practice?
thanks a lot?
steve