DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22499>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22499 /server-status does NOT honor access-clause "deny" Summary: /server-status does NOT honor access-clause "deny" Product: Apache httpd-1.3 Version: 1.3.28 Platform: Alpha OS/Version: Other Status: NEW Severity: Normal Priority: Other Component: Other AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] OS is Tru64 UNIX 4.0E patchkit 4. mod_status is compiled and enabled (and works). I introduced (as stated in ./manual/mod/mod_status.html#extendedstatus) <Location /server-status> SetHandler server-status Order Deny,Allow Deny from all Allow from myhost.foo.com </Location> But other hosts than the given one are allowed to see the server status! BTW: in my case "myhost" and the other host were connected via some proxy- server (which is NOT myhost). So, in my point of view, NONE of them should have been honored given the config above ... ??? Best regards, Martin Rosenbach --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
