Summary | allow and deny directives in .htaccess broken |
Queue | Horde Base |
Queue Version | Git master |
Type | Enhancement |
State | Resolved |
Priority | 2. Medium |
Owners | jan (at) horde (dot) org |
Requester | heinz (at) htl-steyr (dot) ac (dot) at |
Created | 12/14/2015 (3491 days ago) |
Due | |
Updated | 01/13/2016 (3461 days ago) |
Assigned | |
Resolved | 01/13/2016 (3461 days ago) |
Milestone | |
Patch | No |
State ⇒ Resolved
State ⇒ New
Priority ⇒ 2. Medium
Type ⇒ Enhancement
Summary ⇒ allow and deny directives in .htaccess broken
Queue ⇒ Horde Base
Milestone ⇒
Patch ⇒ No
module mod_access_compat have been deprecated.
In newer apache installations the mod_authz_* modules are used instead
by default and the provided .htaccess files of horde leads in an error
500 (eg. invalid command "allow")
So all .htaccess files of horde and horde-applications should look like this:
In case of "Allow from all":
<IfModule !mod_access_compat.c>
Require all granted
</IfModule>
<IfModule mod_access_compat.c>
Allow from all
</IfModule>
In case of "Deny from all":
<IfModule !mod_access_compat.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Deny from all
</IfModule>