Apache
  Home arrow Apache arrow Page 3 - Setting Permissions in Apache
Dev Shed Forums  
Administration  
AJAX  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Smartphone Development  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Mobile Linux  
App Generation ROI  
IBM® developerWorks  
Forums Sitemap  
E-Commerce Hosting  
Linux Web Hosting  
Managed Hosting  
Small Business Hosting  
VPS Hosting  
Weekly Newsletter

 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid  
Request Media Kit
Contact Us  
Site Map  
Privacy Policy  
Support  
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
Google.com  
APACHE

Setting Permissions in Apache
By: O'Reilly Media
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: starstarstarstarstar / 3
    2008-01-10


    Table of Contents:
  • Setting Permissions in Apache
  • Options directive
  • AllowOverride directive
  • Enabling CGI Scripts

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      error-file:tidyout.log Del.ici.ous error-file:tidyout.log Digg
      error-file:tidyout.log Blink error-file:tidyout.log Simpy
      error-file:tidyout.log Google error-file:tidyout.log Spurl
      error-file:tidyout.log Y! MyWeb error-file:tidyout.log Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article

     
     
    ADVERTISEMENT


    Setting Permissions in Apache - AllowOverride directive
    ( Page 3 of 4 )

    In addition to serving any file it can access by default, Apache also by default allows parts of configuration data to be placed under the web server tree, in files normally named .htaccess. Configuration information in such files can override the information in the httpd.conf configuration file. Though this can be useful, it slows down the server (because Apache is forced to check whether the file exists in any of the sub-folders it serves) and allows anyone who controls the web server tree to have limited control of the web server. This feature is controlled with the AllowOverride directive, which, like Options, appears within the <Directory> directive specifying the directory to which the options apply. The AllowOverride directive supports the following options:

    AuthConfig
      
    Allows use (in .htaccess files) of the authorization
          directives (explained in Chapter 7)

    FileInfo
      
    Allows use of the directives controlling document
          types

    Indexes
      
    Allows use of the directives controlling directory
          indexing

    Limit
      
    Allows use of the directives controlling host access

    Options
      
    Allows use of the directives controlling specific
          directory functions (the Options and XbitHack
       directives
    )

    All
      
    Allows all options listed

    None
      
    Ignores .htaccess configuration files

    For our default configuration, we choose the None option. So, our <Directory> directives are now:

      <Directory / >
          Order Deny,Allow
          Deny from all
          Options None
          AllowOverride None
      </Directory>

      <Directory /var/www/htdocs>
          Order Allow,Deny
          Allow from all
      </Directory>

    Modules sometimes use AllowOverride settings to make other deci sions as to whether something should be allowed. Therefore, a change to a setting can have unexpected consequences. As an example, including Options as one of the AllowOverride options will allow PHP configuration directives to be used in .htaccess files. In theory, every directive of every module should fit into one of the AllowOverride settings, but in practice it depends on whether their respective developers have considered it.



     
     
    >>> More Apache Articles          >>> More By O'Reilly Media
     

       

    APACHE ARTICLES

    - Creating a VAMP (Vista, Apache, MySQL, PHP) ...
    - Putting Apache in Jail
    - Containing Intrusions in Apache
    - Server Limits for Apache Security
    - Setting Permissions in Apache
    - Installing Apache
    - Apache Installation and Configuration
    - Apache Tapestry and Custom Components: DateI...
    - Tapestry and AJAX: Autocompleter and InlineE...
    - PropertySelection and IPropertySelectionMode...
    - The DatePicker and Shell Components of Apach...
    - Apache Tapestry: ASO and More Components
    - Apache Tapestry and DirectLink, IoC and DI
    - Making a CelebrityCollector with Apache Tape...
    - Apache Tapestry and Listener Methods, Condit...





    © 2003-2009 by Developer Shed. All rights reserved. DS Cluster 4 Hosted by Hostway
    For more Enterprise Application Development news, visit eWeek