[LON-CAPA-cvs] cvs: loncom(version_2_11_X) / loncapa_apache.conf

raeburn raeburn at source.lon-capa.org
Thu Dec 12 21:50:01 EST 2013 

raeburn		Fri Dec 13 02:50:01 2013 EDT

  Modified files:              (Branch: version_2_11_X)
    /loncom	loncapa_apache.conf 
  Log:
  - For 2.11
    - Backport 1.226, 1.227, 1.228.
  
  
Index: loncom/loncapa_apache.conf
diff -u loncom/loncapa_apache.conf:1.215.2.9 loncom/loncapa_apache.conf:1.215.2.10
--- loncom/loncapa_apache.conf:1.215.2.9	Fri Aug  9 20:59:57 2013
+++ loncom/loncapa_apache.conf	Fri Dec 13 02:50:01 2013
@@ -2,7 +2,7 @@
 ## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
 ##
 
-# $Id: loncapa_apache.conf,v 1.215.2.9 2013/08/09 20:59:57 raeburn Exp $
+# $Id: loncapa_apache.conf,v 1.215.2.10 2013/12/13 02:50:01 raeburn Exp $
 
 #
 # LON-CAPA Section (extensions to httpd.conf daemon configuration)
@@ -64,7 +64,7 @@
 
 #PerlWarn On
 <LocationMatch "^/+res/adm/pages/[^/]+\.(gif|png)$">
-PerlAuthenHandler	'sub { return OK }' 
+PerlAuthzHandler	'sub { return OK }' 
 </LocationMatch>
 
 # Send proper expires header to avoid unnecessary HTTP request for static content
@@ -416,8 +416,8 @@
 <LocationMatch "^/adm/bombs/">
 AuthType LONCAPA
 Require valid-user
-SetHandler perl-script
 PerlAuthzHandler Apache::lonacc
+SetHandler perl-script
 PerlHandler Apache::lonmeta
 </LocationMatch>
 
@@ -635,8 +635,8 @@
 PerlAccessHandler      Apache::publiccheck
 AuthType LONCAPA
 Require valid-user
-SetHandler perl-script
 PerlAuthzHandler       Apache::lonacc
+SetHandler perl-script
 PerlHandler Apache::restrictedaccess
 ErrorDocument	  500 /adm/errorhandler
 </Location>
@@ -645,8 +645,8 @@
 PerlAccessHandler      Apache::publiccheck
 AuthType LONCAPA
 Require valid-user
-SetHandler perl-script
 PerlAuthzHandler       Apache::lonacc
+SetHandler perl-script
 PerlHandler Apache::blockedaccess
 ErrorDocument     500 /adm/errorhandler
 </Location>
@@ -1440,8 +1440,13 @@
 <Directory />
 Options None
 AllowOverride None
-order deny,allow
-deny from all
+<IfModule mod_authz_core.c>
+  Require all denied
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order deny,allow
+  deny from all
+</IfModule>
 </Directory>
 
 # Allow uploaded files to be served
@@ -1449,8 +1454,13 @@
 <Directory "/home/httpd/lonUsers">
 Options Includes FollowSymLinks
 AllowOverride None
-order allow,deny
-allow from all
+<IfModule mod_authz_core.c>
+  Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order allow,deny
+  allow from all
+</IfModule>
 </Directory>
  
 # Allow construction space files to be served
@@ -1458,8 +1468,13 @@
 <Directory "/home/*/public_html/" >
 Options Includes FollowSymLinks
 AllowOverride
-order allow,deny
-allow from all
+<IfModule mod_authz_core.c>
+  Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order allow,deny
+  allow from all
+</IfModule>
 </Directory>
 
 # Yes to symbolic links and server-side includes
@@ -1467,8 +1482,13 @@
 <Directory /home/httpd/html>
 Options Includes FollowSymLinks
 AllowOverride None
-order allow,deny
-allow from all
+<IfModule mod_authz_core.c>
+  Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order allow,deny
+  allow from all
+</IfModule>
 </Directory>
 
 # If it is in cgi-bin, then it can be executed as a CGI script.
@@ -1476,8 +1496,13 @@
 <Directory /home/httpd/cgi-bin>
 AllowOverride None
 Options ExecCGI FollowSymLinks
-order allow,deny
-allow from all
+<IfModule mod_authz_core.c>
+  Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order allow,deny
+  allow from all
+</IfModule>
 </Directory>
 
 # Allow serving of files in prtspool
@@ -1485,8 +1510,13 @@
 <Directory "/home/httpd/prtspool/">
 Options Includes FollowSymLinks
 AllowOverride None
-order allow,deny
-allow from all
+<IfModule mod_authz_core.c>
+  Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order allow,deny
+  allow from all
+</IfModule>
 </Directory>
 
 # Allow serving of files in zipspool
@@ -1494,8 +1524,13 @@
 <Directory "/home/httpd/zipspool/">
 Options Includes FollowSymLinks
 AllowOverride None
-order allow,deny
-allow from all
+<IfModule mod_authz_core.c>
+  Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order allow,deny
+  allow from all
+</IfModule>
 </Directory>
 
 # Allow serving of files in captchaspool
@@ -1503,10 +1538,19 @@
 <Directory "/home/httpd/captchaspool/">
 Options Includes FollowSymLinks
 AllowOverride None
-order allow,deny
-allow from all
+<IfModule mod_authz_core.c>
+  Require all granted
+</IfModule>
+<IfModule !mod_authz_core.c>
+  order allow,deny
+  allow from all
+</IfModule>
 </Directory>
 
+<DirectoryMatch "^/home/httpd/html/priv/.+/">
+   DirectoryIndex disabled
+</DirectoryMatch>
+
 # ============================================================= Access Handlers
 
 # ------------------------------------------------- Allow server-status reports
@@ -1525,10 +1569,15 @@
 # ------------------- Allow access to local system documentation from localhost
 Alias /doc /usr/doc
 <Directory /usr/doc>
-order deny,allow
-deny from all
-allow from localhost
 Options Indexes FollowSymLinks
+<IfModule mod_authz_host.c>
+  Require local
+</IfModule>
+<IfModule !mod_authz_host.c>
+  order deny,allow
+  deny from all
+  allow from localhost
+</IfModule>
 </Directory>
 
 # ******** THESE "SHOULD" NEVER BE ALTERED BY THE USER ************************

More information about the LON-CAPA-cvs mailing list