The legacy authz directives from 2.2 will indeed cause issues when mixed
with Require (2.4). Do not mix them.
On Mon, Apr 10, 2023 at 11:48 PM Tatsuki Makino
wrote:
> Dave Wreski wrote on 2023/04/11 10:54:
> > SetEnvIf user-agent "(?i:TurnitinBot)" stayout=1
> > SetEnvIf Request_URI
Dave Wreski wrote on 2023/04/11 10:54:
> SetEnvIf user-agent "(?i:TurnitinBot)" stayout=1
> SetEnvIf Request_URI "^linuxsecurity_features\.*$" !stayout
I have done it in the past, too.
It was like allowing another level of conditions to be attached to Allow and
Deny, depending on the condition
Hi,
I don't know what is troubling you...
For now, don't use the combination of Order,Allow,Deny and Require* in
configuration file that will be created in 202x. :)
AllowDeny of ENV should be replaced by the following.
Allow from env=X_FOOBAR -> Require env X_FOOBAR
It can write more
Hello.
I don't know what is troubling you...
For now, don't use the combination of Order,Allow,Deny and Require* in
configuration file that will be created in 202x. :)
AllowDeny of ENV should be replaced by the following.
Allow from env=X_FOOBAR -> Require env X_FOOBAR
It can write more
Hi,
On 4/10/23 10:51 AM, Eric Covener wrote:
.htaccess: negative Require directive has no effect in
directive
Ah, I guess you'll have to restore the RequireAll and its contents.
Yes, I should have mentioned that I've already done that - without it,
it was producing a 500 error for
>
> .htaccess: negative Require directive has no effect in
> directive
>
Ah, I guess you'll have to restore the RequireAll and its contents.
Hi,
I have an apache-2.4.56 install on fedora37 and trying to block
some bots from accessing the site, unless they're trying to access
our RSS feeds. How can I do this?
I'm blocking the bots with SetEnvIF lines in the .htacess file in
the document root like:
