Tickets :: [#14193] allow and deny directives in .htaccess broken

Summary	allow and deny directives in .htaccess broken
Queue	Horde Base
Queue Version	Git master
Type	Enhancement
State	Resolved
Priority	2. Medium
Owners	jan (at) horde (dot) org
Requester	heinz (at) htl-steyr (dot) ac (dot) at
Created	12/14/2015 (3617 days ago)
Due
Updated	01/13/2016 (3587 days ago)
Assigned
Resolved	01/13/2016 (3587 days ago)
Milestone
Patch	No

01/13/2016 04:49:06 PM	Jan Schneider	Assigned to Jan Schneider State ⇒ Resolved

12/14/2015 03:02:39 PM	heinz (at) htl-steyr (dot) ac (dot) at	Comment #1 State ⇒ New Priority ⇒ 2. Medium Type ⇒ Enhancement Summary ⇒ allow and deny directives in .htaccess broken Queue ⇒ Horde Base Milestone ⇒ Patch ⇒ No	Reply to this comment
The directives Allow from, Deny from, Order ... provided by the apache module mod_access_compat have been deprecated. In newer apache installations the mod_authz_* modules are used instead by default and the provided .htaccess files of horde leads in an error 500 (eg. invalid command "allow") So all .htaccess files of horde and horde-applications should look like this: In case of "Allow from all": <IfModule !mod_access_compat.c> Require all granted </IfModule> <IfModule mod_access_compat.c> Allow from all </IfModule> In case of "Deny from all": <IfModule !mod_access_compat.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Deny from all </IfModule>