access.conf
# access.conf # ----------- # Global access configuration # Online docs at http://www.apache.org/ # This file defines server settings which affect which types of services # are allowed, and in what circumstances. # Each directory to which Apache has access, can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # Originally by Rob McCool # This should be changed to whatever you set DocumentRoot to. <Directory /usr/local/lib/apache/htdocs> # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you (or at least, not yet). Options Includes ExecCGI Indexes FollowSymLinks # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" AllowOverride All # Controls who can get stuff from this server. order allow,deny allow from all </Directory> # /usr/local/lib/apache/cgi-bin should be changed to whatever your ScriptAliased # CGI directory exists, if you have that configured. <Directory /usr/local/lib/apache/cgi-bin> AllowOverride None Options FollowSymLinks </Directory> <Directory /usr/local/lib/apache/cgi-bin/HyperNews> AllowOverride All Options FollowSymLinks </Directory> <Directory /usr/local/httpd/htdoc/hndoc> <Limit Get Post> deny from all </Limit> </Directory> # Allow server status reports, with the URL of http://servername/server-status # Change the ".your_domain.com" to match your domain to enable. #<Location /server-status> #SetHandler server-status #order deny,allow #deny from all #allow from .your_domain.com #</Location> # There have been reports of people trying to abuse an old bug from pre-1.1 # days. This bug involved a CGI script distributed as a part of Apache. # By uncommenting these lines you can redirect these attacks to a logging # script on phf.apache.org. Or, you can record them yourself, using the script # support/phf_abuse_log.cgi. #<Location /cgi-bin/phf*> #deny from all #ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi #</Location> # You may place any other directories or locations you wish to have # access information for after this one.