>Number: 1713 >Category: general >Synopsis: Internal server error with .htaccess file in directory above >document root >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Jan 21 11:10:00 PST 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3b3 and 1.2.4 >Environment: Linux 2.0.30, x86, gcc on RedHat 4.2 and RedHat 5.0 >Description: By mistake I named a password-file .htaccess in a directory above the document root. The result was a "500, internal server error". I tried it on another machine and it works for both standalone and virtual servers. With the virtual server it does not affect the other servers. The errorlog says "Invalid argument: /home/xxxx/.htaccess: Invalid command: 'text'" ... time passes ... I just tried putting the .htaccess file in the system root and I still get a 500... I am not sure if this is a bug or just me doing something stupid, but I thought you'd like to know. >How-To-Repeat: Just write a file called .htaccess and type something like "dklsjf" and see what happens... >Fix: Nope, I'm no hacker.. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
