On 05/22/2016 04:50 AM, Mick wrote:
>
> I tried setting APACHE2_MODULES="access_compat" in make.conf and I got this
> conflict:
Oh, sorry, I meant that you have to add "access_compat" to the list of
modules already present in APACHE2_MODULES.
Those conflicts are saying that you need "unixd" for php itself, and
eselect-php wants "dir". This is a pretty minimal list:
APACHE2_MODULES="alias auth_basic auth_digest authn_anon authn_core\
authn_file authz_core authz_host authz_user dir\
include log_config mime rewrite socache_shmcb unixd"
(Add access_compat if you want). You can narrow it down by looking
through each module's documentation:
http://httpd.apache.org/docs/current/mod/
The directives that each one provides are listed over on the right. So
if, for example, you don't use "AuthUserFile" in your config, then it's
safe to turn off mod_authn_file.
The Drupal thing is highly annoying. Their stupid status report ignores
the fact that:
1. You can achieve the same thing with an htaccess file that isn't
byte-for-byte identical to the one they ship.
2. If you run multiple sites, you can implement the restrictions in
the vhosts and not in htaccess files.
3. Not every web server uses htaccess files.
I've had to explain to a lot of customers that, yes, their site is
secure, that check was just written by idiots.
