Apache 1.1b4 .htaccess bug?

Apache 1.1b4 .htaccess bug?

Post by Michael Rosenth » Thu, 20 Jun 1996 04:00:00



Using the same configuration files with 1.0.5 and 1.1b2, the following
fails under 1.1b4:

.htaccess in a higher-level directory is do not seem to be processed. Has
anyone else noticed this?

Thanks,

- Michael Rosenthal

 
 
 

Apache 1.1b4 .htaccess bug?

Post by Carl W. Kalbfleisc » Fri, 21 Jun 1996 04:00:00



> Using the same configuration files with 1.0.5 and 1.1b2, the following
> fails under 1.1b4:

> .htaccess in a higher-level directory is do not seem to be processed. Has
> anyone else noticed this?

It seemed to me that the password file was only checked with full path
name with 1.1b4 where previously the current directory is also checked.
I submitted this to Apache and they said they would look into it.

Carl

--
---------------------------------------------------------------------
            Looking for something on the Internet?  Try...
                     http://search.onramp.net/
---------------------------------------------------------------------
Carl W. Kalbfleisch                       http://www.onramp.net/~cwk/
Senior Software Engineer


 
 
 

Apache 1.1b4 .htaccess bug?

Post by Rob Hartil » Fri, 21 Jun 1996 04:00:00




> > Using the same configuration files with 1.0.5 and 1.1b2, the following
> > fails under 1.1b4:
> > .htaccess in a higher-level directory is do not seem to be processed. Has
> > anyone else noticed this?
> It seemed to me that the password file was only checked with full path
> name with 1.1b4 where previously the current directory is also checked.
> I submitted this to Apache and they said they would look into it.

It isn't considered safe to have the password files accessible, so
they must be absolute pathnames now.. move your password files out of
the reach of the server (most sites allow .htaccess files to be read).
 
 
 

1. Apache 1.1b4 on linux 2.0 -- .htaccess problem (trying mSQL)

-----BEGIN PGP SIGNED MESSAGE-----

well, it is a dropin replacement for ncsa httpd 1.51 except for
.htaccess user authentication.  it refuses to do it and in the
errorlog told me that mSQL password table was not find.

i downloaded the precompiled linux binary (elf) which has NO mSQL
module.  also, all i was asking is plain old text file (AuthUserFile
filepathname).  I could not figure out why so have to go back to ncsa.
any help is appreciated.

- --john
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: http://www.mc2-csr.com/~jshen/  -- faith, hope, and love

iQB1AwUBMdK74mKRoTYIY0iJAQHXyAL/fZduuHdsWP4gSHPL1bfCwFs/JKrkO1fh
0Rb4YQkR5M9oJhBc5VZT+NPcFJNm9KArtTRNlH60wOvPwpEyZ9dc2CBkxOiqbLT/
bUDJxds50nQQoxj4z1Iqlh0WzPgMaBay
=s94V
-----END PGP SIGNATURE-----

2. SPARC box for 1000 UKP

3. Apache POST and htaccess bug

4. Q: Help setting up mailserver for school w/ linux via 28.8 ppp

5. Apache bug with Options Indexes in htaccess

6. PC104 Sound Cards...

7. Apache 1.3.2 w/ PHP 3.0.4 .htaccess not accessible bug fix

8. Why are numeric logins considered unsecure?

9. Apache 1.1b4. Virtual Host under linux

10. Apache 1.1b4: ScoreBoardFile: HP/UX

11. htaccess ErrorDocument Bug

12. Staroffice 3.1b4: Cannot load gifs/jpeg format files

13. ANNOUNCE: BETA: tkgoodstuff4.1b4 button bar and utility suite