dgaudet 99/04/20 11:03:12
Modified: conf httpd.conf-dist
Log:
protect .ht* files ... rather than just .htaccess (it costs pretty
much the same)
PR: 4215
Revision Changes Path
1.40 +4 -1 apache-1.3/conf/httpd.conf-dist
Index: httpd.conf-dist
===================================================================
RCS file: /home/cvs/apache-1.3/conf/httpd.conf-dist,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- httpd.conf-dist 1999/04/20 17:59:35 1.39
+++ httpd.conf-dist 1999/04/20 18:03:09 1.40
@@ -361,7 +361,10 @@
# .htaccess files. If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
#
-<Files .htaccess>
+# Also, folks tend to use names such as .htpasswd for password
+# files, so this will protect those as well.
+#
+<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
