https://bz.apache.org/bugzilla/show_bug.cgi?id=65481
--- Comment #2 from [email protected] --- Apache Configuration LogLevel trace8 ErrorLog syslog:local0 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %P %T" combined CustomLog "|/usr/sbin/httplog /var/log/httpd/access_log.%Y%m%d" combined <VirtualHost _default_:50011> ServerName example.com DocumentRoot /home/www/xxx/php ErrorLog syslog:local1 CustomLog "| /usr/sbin/httplog /var/log/httpd/xxx_access_log.%Y%m%d" combined <Directory "/home/www/xxx/php/receiver/Upload"> require method PUT AllowOverride All Options -Indexes +FollowSymLinks -Includes AuthName "NocHost" AuthType Basic AuthUserFile /home/www/xxx/conf/htpasswd_host Script PUT /receiver/put.php <Limit PUT> require valid-user </Limit> </Directory> </VirtualHost> Curl Request [root@localhost ~]# (. /usr/local/example/admin/etc/admin.conf; curl -kv -u "$UPDLOGIN:$UPDPASS" -T /root/install.log "$NOCURL/receiver/Upload/Queued/file3.txt" 2>&1) * Trying 10.44.3.55:443... * Connected to xxx.p32.eng.sjc01.example.com (10.44.3.55) port 443 (#0) * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * TLSv1.2 (OUT), TLS header, Certificate Status (22): * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Change cipher spec (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / AES256-SHA * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=Foster City; O=example, Inc.; OU=Engineering; CN=*.p32.eng.sjc01.example.com * start date: Feb 15 04:55:00 2021 GMT * expire date: Feb 15 04:55:00 2022 GMT * issuer: C=US; ST=California; L=Redwood City; O=example, Inc.; OU=Operations; CN=example Ops T2v1; [email protected] * SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway. * Server auth using Basic with user '099991506691' > PUT /receiver/Upload/Queued/file3.txt HTTP/1.1 > Host: xxx.p32.eng.sjc01.example.com > Authorization: Basic MxxxxxtoLis= > User-Agent: curl/7.71.1 > Accept: */* > Content-Length: 10034 > Expect: 100-continue > * Mark bundle as not supporting multiuse < HTTP/1.1 100 Continue * We are completely uploaded and fine * Mark bundle as not supporting multiuse < HTTP/1.1 200 Created < Date: Thu, 05 Aug 2021 18:10:58 GMT < Server: Apache < X-XSS-Protection: 1; mode=block < X-Content-Type-Options: nosniff < X-Frame-Options: SAMEORIGIN < Strict-Transport-Security: max-age=31536000; includeSubDomains < Content-Length: 0 < Content-Type: text/html; charset=UTF-8 < * Connection #0 to host xxx.p32.eng.sjc01.example.com left intact /var/log/messages 2021-08-05T18:10:25+00:00 mon02.p32.eng.sjc01.example.com systemd[1]: Started LSB: start and stop Apache HTTP Server. 2021-08-05T18:10:25+00:00 mon02.p32.eng.sjc01.example.com httpd[28345]: [mpm_prefork:notice] [pid 28345] AH00163: Apache/2.4.29 (Unix) OpenSSL/1.0.2k-fips configured -- resuming normal operations 2021-08-05T18:10:25+00:00 mon02.p32.eng.sjc01.example.com httpd[28345]: [mpm_prefork:info] [pid 28345] AH00164: Server built: Dec 28 2020 12:40:18 2021-08-05T18:10:25+00:00 mon02.p32.eng.sjc01.example.com httpd[28345]: [core:notice] [pid 28345] AH00094: Command line: '/usr/sbin/httpd' 2021-08-05T18:10:58+00:00 mon02.p32.eng.sjc01.example.com httpd[28357]: [authz_core:error] [pid 28357] [client 10.44.1.17:23881] AH01630: client denied by server configuration: /home/www/xxx/php/receiver/Upload/Queued/file3.txt /var/log/httpd/xxx_access_log 10.44.1.17 - 099991506691 [05/Aug/2021:18:10:58 +0000] "PUT /receiver/Upload/Queued/file3.txt HTTP/1.1" 200 - "-" "curl/7.71.1" 28357 0 But if we replace "require method PUT" with "require method PUT GET", the error AH1630 vanishes. (In reply to Eric Covener from comment #1) > Please post full matching access/error logs @ LogLevel trace8 -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
