[20957] in bugtraq
Re: Mac OS X - Apache & Case Insensitive Filesystems
daemon@ATHENA.MIT.EDU (Paul Burney)
Mon Jun 11 12:34:26 2001
Date: Sun, 10 Jun 2001 14:06:49 -0700
From: Paul Burney <burney@gseis.ucla.edu>
To: Stefan Arentz <stefan.arentz@soze.com>, <BUGTRAQ@securityfocus.com>
Message-ID: <B7492F79.17F4%burney@gseis.ucla.edu>
In-Reply-To: <20010610195340.A27877@keyser.soze.com>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
on 6/10/01 10:53 AM, Stefan Arentz at stefan.arentz@soze.com wrote:
> <Directory /Library/WebServer/Documents/test>
> Order deny,allow
> Deny from all
> </Directory>
>
> But the following request will happily serve the file:
>
> GET /TeSt/index.html
Though it causes a bit of a performance penalty, a .htaccess file in a
protected directory will resolve that problem.
Make sure that the web server directory in the config file is set to:
AllowOverride Limit AuthConfig
Or
AllowOverride All
Then in the protected directory, /Library/WebServer/Documents/test, add a
.htaccess file containing:
Order deny,allow
Deny from all
I too would prefer apple to make it's modules available, but I think this is
a good workaround.
Sincerely,
Paul Burney
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Paul Burney
Webmaster && Open Source Developer
UCLA -> GSE&IS -> ETU
(310) 825-8365
<webmaster@gseis.ucla.edu>
<http://www.gseis.ucla.edu/>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
