>Number: 2547 >Category: mod_proxy >Synopsis: Proxy module does not appear to obey access directives >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Fri Jul 3 09:30:01 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.0 >Environment: Windows NT 4.0 SP3 with hotfixes Apache compiled with MSVC++ 5.0 SP3 >Description: I do not seem to be able to restrict access to the proxy module using the <Directory> directive. I have the following access.conf:
<Directory /> Order Deny,Allow Deny from All Options None AllowOverride None </Directory> <Directory proxy:*> order deny,allow deny from All Options None AllowOverride None </Directory> # This should be changed to whatever you set DocumentRoot to. <Directory "C:/Apache/htdocs/"> # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you (or at least, not yet). Options Indexes FollowSymLinks # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" AllowOverride None #Controls who can get stuff from this server. order deny,allow allow from * </Directory> # /apache/cgi-bin should be changed to whatever your ScriptAliased # CGI directory exists, if you have that configured. <Directory /apache/cgi-bin> AllowOverride None Options None </Directory> >How-To-Repeat: Try these settings: <Directory proxy:*> order deny,allow deny from All Options None AllowOverride None </Directory> I'm perfectly willing to accept I've screwed up in some way, but can't figure out how. >Fix: Sorry, no. >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
