webserver strangeness.
Steve
steve at focb.co.nz
Thu Jul 8 03:19:31 UTC 2004
Standard ES 3 with httpd
updates applied
I have setup an upload area and enabled WebDAV, I've added an htaccess
type entry to <Limit> GET requests to anonymous users (anyone can view the
URLs) and then added a further <Limit> for all other directives to be
allowed after authenticating only.
The reason for this (as everyone seems to be asking me "why bother" is
that I need to find an easy way to upload a few thousand photos and add
them into a gallery, the gallery software allows either "groups of 10
files to be uploaded" or a URL to be supplied that it will wander off to
and suck down the photos.
Due to ease of explaining how things work to end users, it was decided to
create a simple system using webdav so uploads can be done as if the site
were a hard drive then they put in the URL "uploads.blah.com" into the
gallery system and it will suck their photos across.
I tried sucessfully to make the DAV folder under the main site but the
gallery URL suck became confused for some reason and required the images
to be in the root of the web structure.
It appears that someone within the organisation that sets up the
httpd.conf decided that disableing indexes by default within apache was
not enough to stop stupid admins from displaying their directory structure
to the world (despite the fact that you had to actually enable this option
to doso) - so they would also do a location rewrite if the url requested
was the root of the web site and the file served was not one of the
index files.
#<LocationMatch "^/$>
# Options -Indexes
# ErrorDocument 403 /error/noindex.html
#</LocationMatch>
I have since disabled this (IMHO - Braindead) option and restarted apache.
However, I am still getting a random "forbidden" rule and redirect if I
try to goto the root of my upload vhost.
My Config for this vhost is..
<Directory "/var/www/vhost/uploads">
DAV On
Options Indexes FollowSymLinks MultiViews
AllowOverride all
AuthType Basic
AuthName jany
AuthUserFile /var/www/vhost/htpasswd
AuthGroupFile /dev/null
<Limit GET>
Order allow,deny
Allow from all
</Limit>
<Limit POST PUT CONNECT OPTIONS DELETE PATCH PROPFIND PROPPATCH MKCOL
COPY MOVE LOCK UNLOCK>
Require valid-user
</Limit>
</Directory>
Document Root is set to..
DocumentRoot /var/www/vhost/uploads
I have just spent the past hour scouring through the httpd.conf file
trying to find any reference to a redirect to a forbbiden document or an
index document and I cant find anything. I have set "Indexes" as an option
on every <Directory> Idirective I can find in the vain hope that it was
something else.
<rant>
Whoever in their right mind dreamed up the idea that disabling indexes and
making it near on impossible to re-enable them needs a freakin bullet to
the head !!! if an admin makes a concious decision to allow a function to
happen outside default spec then WHY MAKE IT FREAKIN NEAR ENOUGH TO
IMPOSSIBLE TO DOSO ?????
</rant>
Ok, so ranting probably doesnt help but I have hardly any hair left.
god, its things like this that almost make you want to go back to using
IIS or Apache 1.3 - at least they bloody work !.
--
Steve.
More information about the redhat-list
mailing list