On 12 Jul 2019, at 01:46, Graham Leggett <[email protected]> wrote: > I am having the exact same problem with Directory and DirectoryMatch. When > there are Ifs in a Directory, the Directory overrides the DirectoryMatch, > even though the DirectoryMatch is more specific and should “win” (win meaning > be merged on top of all that has gone before it).
Here is a simpler example:
<Directory /home/${HOST}/storage>
Dav on
SSLVerifyClient optional
<If "%{SSL_CLIENT_VERIFY} == 'SUCCESS' || %{SSL_CLIENT_VERIFY} ==
'GENEROUS'">
require valid-user
</If>
<Else>
require valid-user
</Else>
</Directory>
<Directory /home/${HOST}/storage/home>
require all denied <—— has no effect
</Directory>
Why, when a valid user is logged in (via cert or not cert), does httpd grant
access to the file /home/${HOST}/storage/home/foo?
Most specifically, why does “require all denied” have no effect when a file
matches that directory section?
Regards,
Graham
—
smime.p7s
Description: S/MIME cryptographic signature
