Recursivité des .htaccess

Recursivité des .htaccess - HTML/CSS - Programmation

Marsh Posté le 31-07-2004 à 18:16:04    

Hello,
 
J'ai un serveur http protégé contre les accès exterieurs anonymes  
 

Code :
  1. AuthUserFile "d:\extens~1\WebSer~1\Docume~1\.htpasswd"
  2. AuthGroupFile /dev/null
  3. AuthName "Accès sécurisé au site ALPAC"
  4. AuthType Basic
  5. <LIMIT GET POST>
  6. order deny,allow
  7. deny from all
  8. allow from 192.168.0
  9. Require valid-user
  10. Satisfy any
  11. </LIMIT>


 
 
Maintenant je désire créer un répertoire enfant, qui lui ne serait pas protégé du tout (pas de demande de login depuis l'exterieur)
 
 
J'ai donc testé plusieurs choses mais la seule chose au mieux que j'ai reussi a faire c'est l'affichage de la fenetre de login. Bien evidemment il suffit de ne rien rentrer pour entrer.
 
 

Code :
  1. allow from all
  2. Satisfy any


 
 
Comment je peux faire pour qu'il ne demande strictement rien ?

Reply

Marsh Posté le 31-07-2004 à 18:16:04   

Reply

Marsh Posté le 31-07-2004 à 18:30:01    

et si tu definissais ton repertoire a part dans le httpd.conf:
 
<Directory "/le repertoire">
Allow from all
Satisfy any
</Directory>
 
la config est plus claire, non?


---------------
IVG en france
Reply

Marsh Posté le 31-07-2004 à 18:44:03    

je viens de le mettre en place :
confirme-tu qu'aucune identification n'est demandée, et que la page s'affiche ?
http://alpac.dyndns.org:81/coupleur/

Reply

Marsh Posté le 31-07-2004 à 18:46:07    

non :/
j'ai un popup htaccess mais si je fais cancel, je vois une page:
"Bienvenue sur la page de démonstration de télémaintenance d'un coupleur SIEMENS.
Pour pouvoir y accéder, vous devez vous inscrire (gratuitement) afin d'obtenir un mot de passe."
 
:/


---------------
IVG en france
Reply

Marsh Posté le 31-07-2004 à 18:46:13    

J'ai les deux: une page avec login et une demande de login en http

Reply

Marsh Posté le 31-07-2004 à 18:47:04    

Pas bon alors.. :(

Reply

Marsh Posté le 31-07-2004 à 18:47:56    

La page d'identification SIEMENS est normale. C'est celle qu'on doit voir quand on tape l'adresse, mais sans demande de login htaccess..

Reply

Marsh Posté le 31-07-2004 à 18:50:15    

Je viens de rajouter un "AllowOverride None"... test concluant ?

Reply

Marsh Posté le 31-07-2004 à 18:51:08    

non pareil :/


---------------
IVG en france
Reply

Marsh Posté le 31-07-2004 à 18:56:22    

et la ?

Reply

Marsh Posté le 31-07-2004 à 18:56:22   

Reply

Marsh Posté le 31-07-2004 à 18:57:38    

j'ai quand meme une demande de login genre htaccess au nom de prompt qui vient meme si la page se charge de suite (sans avoir a faire cancel)


---------------
IVG en france
Reply

Marsh Posté le 31-07-2004 à 18:58:12    

pareil

Reply

Marsh Posté le 31-07-2004 à 19:01:35    

Oui, c'est le mieux que j'ai reussi à faire.
On peut mettre ce qu'on veut vu que ça ne va pas chercher des informations propres à l'intranet, mais à la gueule du client, ça serait mieux qu'il n'y ait pas de fenetre htacces... :/

Reply

Marsh Posté le 31-07-2004 à 19:05:13    

sinon question con: pourquoi avoir utilisé <LIMIT>?

Reply

Marsh Posté le 31-07-2004 à 19:07:28    

Surement une vieille habitude.
 
Il y a un exemple dans le httpd.conf :
 

Code :
  1. #<Directory "D:/Extension_C/WebServer/Apache/Apache/users">
  2. #    AllowOverride FileInfo AuthConfig Limit
  3. #    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
  4. #    <Limit GET POST OPTIONS PROPFIND>
  5. #        Order allow,deny
  6. #        Allow from all
  7. #    </Limit>
  8. #    <LimitExcept GET POST OPTIONS PROPFIND>
  9. #        Order deny,allow
  10. #        Deny from all
  11. #    </LimitExcept>
  12. #</Directory>


 
+ URL ou j'ai appris le bazard :whistle:
http://www.commentcamarche.net/apache/apacht.php3
 

Reply

Marsh Posté le 31-07-2004 à 19:09:43    

Update... rajout de "Options None"

Reply

Marsh Posté le 31-07-2004 à 19:11:08    

ok, dans ce cas, deuxième question con: as-tu mis le AllowOverride?

Reply

Marsh Posté le 31-07-2004 à 19:13:06    

skylight a écrit :

Je viens de rajouter un "AllowOverride None"... test concluant ?

Ceci :??:
 
(théoriquement, AllowOverride None désactive les htaccess dans le répertoire concerné...)

Reply

Marsh Posté le 31-07-2004 à 19:47:30    

skylight a écrit :

Ceci :??:
 
(théoriquement, AllowOverride None désactive les htaccess dans le répertoire concerné...)


 
Oui ça. Mais si tu le mets, vu que ça desactive les .htacces je ne vois pas pourquoi tu voudrais que la demande de login disparaisse.
 
Tu peux mettre ton httpd.conf en complet ainsi que le .htaccess, si tu en as un, du répertoire concerné?

Reply

Marsh Posté le 31-07-2004 à 19:50:42    

Je veux pas de demande de login, je veux que ce repertoire soit libre d'accès, c'est tout :D
 
Httpd.conf
 

Code :
  1. #
  2. # Based upon the NCSA server configuration files originally by Rob McCool.
  3. #
  4. # This is the main Apache server configuration file.  It contains the
  5. # configuration directives that give the server its instructions.
  6. # See <URL:http://httpd.apache.org/docs/> for detailed information about
  7. # the directives.
  8. #
  9. # Do NOT simply read the instructions in here without understanding
  10. # what they do.  They're here only as hints or reminders.  If you are unsure
  11. # consult the online docs. You have been warned. 
  12. #
  13. # After this file is processed, the server will look for and process
  14. # D:/Extension_C/WebServer/Apache/Apache/conf/srm.conf and then D:/Extension_C/WebServer/Apache/Apache/conf/access.conf
  15. # unless you have overridden these with ResourceConfig and/or
  16. # AccessConfig directives here.
  17. #
  18. # The configuration directives are grouped into three basic sections:
  19. #  1. Directives that control the operation of the Apache server process as a
  20. #     whole (the 'global environment').
  21. #  2. Directives that define the parameters of the 'main' or 'default' server,
  22. #     which responds to requests that aren't handled by a virtual host.
  23. #     These directives also provide default values for the settings
  24. #     of all virtual hosts.
  25. #  3. Settings for virtual hosts, which allow Web requests to be sent to
  26. #     different IP addresses or hostnames and have them handled by the
  27. #     same Apache server process.
  28. #
  29. # Configuration and logfile names: If the filenames you specify for many
  30. # of the server's control files begin with "/" (or "drive:/" for Win32), the
  31. # server will use that explicit path.  If the filenames do *not* begin
  32. # with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
  33. # with ServerRoot set to "/usr/local/apache" will be interpreted by the
  34. # server as "/usr/local/apache/logs/foo.log".
  35. #
  36. # NOTE: Where filenames are specified, you must use forward slashes
  37. # instead of backslashes (e.g., "c:/apache" instead of "c:\apache" ).
  38. # If a drive letter is omitted, the drive on which Apache.exe is located
  39. # will be used by default.  It is recommended that you always supply
  40. # an explicit drive letter in absolute paths, however, to avoid
  41. # confusion.
  42. #
  44. ### Section 1: Global Environment
  45. #
  46. # The directives in this section affect the overall operation of Apache,
  47. # such as the number of concurrent requests it can handle or where it
  48. # can find its configuration files.
  49. #
  51. #
  52. # ServerType is either inetd, or standalone.  Inetd mode is only supported on
  53. # Unix platforms.
  54. #
  55. ServerType standalone
  57. #
  58. # ServerRoot: The top of the directory tree under which the server's
  59. # configuration, error, and log files are kept.
  60. #
  61. ServerRoot "D:/Extension_C/WebServer/Apache/Apache"
  63. #
  64. # PidFile: The file in which the server should record its process
  65. # identification number when it starts.
  66. #
  67. PidFile logs/httpd.pid
  69. #
  70. # ScoreBoardFile: File used to store internal server process information.
  71. # Not all architectures require this.  But if yours does (you'll know because
  72. # this file will be  created when you run Apache) then you *must* ensure that
  73. # no two invocations of Apache share the same scoreboard file.
  74. #
  75. ScoreBoardFile logs/apache_runtime_status
  77. #
  78. # In the standard configuration, the server will process httpd.conf (this
  79. # file, specified by the -f command line option), srm.conf, and access.conf
  80. # in that order.  The latter two files are now distributed empty, as it is
  81. # recommended that all directives be kept in a single file for simplicity. 
  82. # The commented-out values below are the built-in defaults.  You can have the
  83. # server ignore these files altogether by using "/dev/null" (for Unix) or
  84. # "nul" (for Win32) for the arguments to the directives.
  85. #
  86. #ResourceConfig conf/srm.conf
  87. #AccessConfig conf/access.conf
  89. #
  90. # Timeout: The number of seconds before receives and sends time out.
  91. #
  92. Timeout 300
  94. #
  95. # KeepAlive: Whether or not to allow persistent connections (more than
  96. # one request per connection). Set to "Off" to deactivate.
  97. #
  98. KeepAlive On
  100. #
  101. # MaxKeepAliveRequests: The maximum number of requests to allow
  102. # during a persistent connection. Set to 0 to allow an unlimited amount.
  103. # We recommend you leave this number high, for maximum performance.
  104. #
  105. MaxKeepAliveRequests 100
  107. #
  108. # KeepAliveTimeout: Number of seconds to wait for the next request from the
  109. # same client on the same connection.
  110. #
  111. KeepAliveTimeout 15
  113. #
  114. # Apache on Win32 always creates one child process to handle requests.  If it
  115. # dies, another child process is created automatically.  Within the child
  116. # process multiple threads handle incoming requests.  The next two
  117. # directives control the behaviour of the threads and processes.
  118. #
  120. #
  121. # MaxRequestsPerChild: the number of requests each child process is
  122. # allowed to process before the child dies.  The child will exit so
  123. # as to avoid problems after prolonged use when Apache (and maybe the
  124. # libraries it uses) leak memory or other resources.  On most systems, this
  125. # isn't really needed, but a few (such as Solaris) do have notable leaks
  126. # in the libraries.  For Win32, set this value to zero (unlimited)
  127. # unless advised otherwise.
  128. #
  129. # NOTE: This value does not include keepalive requests after the initial
  130. #       request per connection. For example, if a child process handles
  131. #       an initial request and 10 subsequent "keptalive" requests, it
  132. #       would only count as 1 request towards this limit.
  133. #
  134. MaxRequestsPerChild 0
  136. #
  137. # Number of concurrent threads (i.e., requests) the server will allow.
  138. # Set this value according to the responsiveness of the server (more
  139. # requests active at once means they're all handled more slowly) and
  140. # the amount of system resources you'll allow the server to consume.
  141. #
  142. ThreadsPerChild 50
  144. #
  145. # Listen: Allows you to bind Apache to specific IP addresses and/or
  146. # ports, instead of the default. See also the <VirtualHost>
  147. # directive.
  148. #
  149. #Listen 3000
  150. #Listen 12.34.56.78:80
  152. #
  153. # BindAddress: You can support virtual hosts with this option. This directive
  154. # is used to tell the server which IP address to listen to. It can either
  155. # contain "*", an IP address, or a fully qualified Internet domain name.
  156. # See also the <VirtualHost> and Listen directives.
  157. #
  158. #BindAddress *
  160. #
  161. # Dynamic Shared Object (DSO) Support
  162. #
  163. # To be able to use the functionality of a module which was built as a DSO you
  164. # have to place corresponding `LoadModule' lines at this location so the
  165. # directives contained in it are actually available _before_ they are used.
  166. # Please read the file README.DSO in the Apache 1.3 distribution for more
  167. # details about the DSO mechanism and run `apache -l' for the list of already
  168. # built-in (statically linked and thus always available) modules in your Apache
  169. # binary.
  170. #
  171. # Note: The order in which modules are loaded is important.  Don't change
  172. # the order below without expert advice.
  173. #
  174. # Example:
  175. # LoadModule foo_module modules/mod_foo.so
  176. #
  177. #LoadModule vhost_alias_module modules/mod_vhost_alias.so
  178. #LoadModule mime_magic_module modules/mod_mime_magic.so
  179. #LoadModule status_module modules/mod_status.so
  180. #LoadModule info_module modules/mod_info.so
  181. #LoadModule speling_module modules/mod_speling.so
  182. LoadModule rewrite_module modules/mod_rewrite.so
  183. #LoadModule anon_auth_module modules/mod_auth_anon.so
  184. #LoadModule dbm_auth_module modules/mod_auth_dbm.so
  185. #LoadModule digest_auth_module modules/mod_auth_digest.so
  186. #LoadModule digest_module modules/mod_digest.so
  187. #LoadModule proxy_module modules/mod_proxy.so
  188. #LoadModule cern_meta_module modules/mod_cern_meta.so
  189. #LoadModule expires_module modules/mod_expires.so
  190. #LoadModule headers_module modules/mod_headers.so
  191. #LoadModule usertrack_module modules/mod_usertrack.so
  192. #LoadModule unique_id_module modules/mod_unique_id.so
  193. LoadModule php4_module d:/extension_c/webserver/php-4.3.8/sapi/php4apache.dll
  195. #
  196. #  Reconstruction of the complete module list from all available modules
  197. #  (static and shared ones) to achieve correct module execution order.
  198. #
  199. # The modules listed below, without a corresponding LoadModule directive,
  200. # are static bound into the standard Apache binary distribution for Windows.
  201. #
  202. # Note: The order in which modules are loaded is important.  Don't change
  203. # the order below without expert advice.
  204. #
  205. # [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE, UPDATE THIS TOO!]
  206. ClearModuleList
  207. #AddModule mod_vhost_alias.c
  208. AddModule mod_env.c
  209. AddModule mod_log_config.c
  210. #AddModule mod_mime_magic.c
  211. AddModule mod_mime.c
  212. AddModule mod_negotiation.c
  213. #AddModule mod_status.c
  214. #AddModule mod_info.c
  215. AddModule mod_include.c
  216. AddModule mod_autoindex.c
  217. AddModule mod_dir.c
  218. AddModule mod_isapi.c
  219. AddModule mod_cgi.c
  220. AddModule mod_asis.c
  221. AddModule mod_imap.c
  222. AddModule mod_actions.c
  223. #AddModule mod_speling.c
  224. AddModule mod_userdir.c
  225. AddModule mod_alias.c
  226. AddModule mod_rewrite.c
  227. AddModule mod_access.c
  228. AddModule mod_auth.c
  229. #AddModule mod_auth_anon.c
  230. #AddModule mod_auth_dbm.c
  231. #AddModule mod_auth_digest.c
  232. #AddModule mod_digest.c
  233. #AddModule mod_proxy.c
  234. #AddModule mod_cern_meta.c
  235. #AddModule mod_expires.c
  236. #AddModule mod_headers.c
  237. #AddModule mod_usertrack.c
  238. #AddModule mod_unique_id.c
  239. AddModule mod_so.c
  240. AddModule mod_setenvif.c
  241. AddModule mod_php4.c
  243. <IfModule mod_php4.c>
  244.       AddType application/x-httpd-php .phtml .php
  245.   </IfModule>
  248. #
  249. # ExtendedStatus controls whether Apache will generate "full" status
  250. # information (ExtendedStatus On) or just basic information (ExtendedStatus
  251. # Off) when the "server-status" handler is called. The default is Off.
  252. #
  253. #ExtendedStatus On
  255. ### Section 2: 'Main' server configuration
  256. #
  257. # The directives in this section set up the values used by the 'main'
  258. # server, which responds to any requests that aren't handled by a
  259. # <VirtualHost> definition.  These values also provide defaults for
  260. # any <VirtualHost> containers you may define later in the file.
  261. #
  262. # All of these directives may appear inside <VirtualHost> containers,
  263. # in which case these default settings will be overridden for the
  264. # virtual host being defined.
  265. #
  267. #
  268. # Port: The port to which the standalone server listens.  Certain firewall
  269. # products must be configured before Apache can listen to a specific port.
  270. # Other running httpd servers will also interfere with this port.  Disable
  271. # all firewall, security, and other services if you encounter problems.
  272. # To help diagnose problems use the Windows NT command NETSTAT -a
  273. #
  274. Port 81
  276. #
  277. # ServerAdmin: Your address, where problems with the server should be
  278. # e-mailed.  This address appears on some server-generated pages, such
  279. # as error documents.
  280. #
  281. ServerAdmin laurent.levasseur@alpac-fr.com
  283. #
  284. # ServerName allows you to set a host name which is sent back to clients for
  285. # your server if it's different than the one the program would get (i.e., use
  286. # "www" instead of the host's real name).
  287. #
  288. # Note: You cannot just invent host names and hope they work. The name you
  289. # define here must be a valid DNS name for your host. If you don't understand
  290. # this, ask your network administrator.
  291. # If your host doesn't have a registered DNS name, enter its IP address here.
  292. # You will have to access it by its address (e.g., http://123.45.67.89/)
  293. # anyway, and this will make redirections work in a sensible way.
  294. #
  295. # 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your
  296. # machine always knows itself by this address. If you use Apache strictly for
  297. # local testing and development, you may use 127.0.0.1 as the server name.
  298. #
  299. ServerName Filer
  302. #
  303. # DocumentRoot: The directory out of which you will serve your
  304. # documents. By default, all requests are taken from this directory, but
  305. # symbolic links and aliases may be used to point to other locations.
  306. #
  307. DocumentRoot "D:/Extension_C/WebServer/Documents/"
  309. #
  310. # Each directory to which Apache has access, can be configured with respect
  311. # to which services and features are allowed and/or disabled in that
  312. # directory (and its subdirectories).
  313. #
  314. # First, we configure the "default" to be a very restrictive set of
  315. # permissions. 
  316. #
  317. <Directory />
  318.     Options FollowSymLinks
  319.     AllowOverride None
  320. </Directory>
  322. #
  323. # Note that from this point forward you must specifically allow
  324. # particular features to be enabled - so if something's not working as
  325. # you might expect, make sure that you have specifically enabled it
  326. # below.
  327. #
  329. #
  330. # This should be changed to whatever you set DocumentRoot to.
  331. #
  332. <Directory "D:/Extension_C/WebServer/Documents/">
  334. #
  335. # This may also be "None", "All", or any combination of "Indexes",
  336. # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
  337. #
  338. # Note that "MultiViews" must be named *explicitly* --- "Options All"
  339. # doesn't give it to you.
  340. #
  341.     Options Indexes FollowSymLinks MultiViews
  343. #
  344. # This controls which options the .htaccess files in directories can
  345. # override. Can also be "All", or any combination of "Options", "FileInfo",
  346. # "AuthConfig", and "Limit"
  347. #
  348.     AllowOverride All
  350. #
  351. # Controls who can get stuff from this server.
  352. #
  353.     Order allow,deny
  354.     Allow from all
  355. </Directory>
  359. <Directory "D:/Extens~1/WebSer~1/Docume~1/coupleur/">
  360.     Order allow,deny
  361.     Options None
  362.     AllowOverride None
  363.     Allow from *
  364. </Directory>
  366. #
  367. # UserDir: The name of the directory which is appended onto a user's home
  368. # directory if a ~user request is received.
  369. #
  370. # Under Win32, we do not currently try to determine the home directory of
  371. # a Windows login, so a format such as that below needs to be used.  See
  372. # the UserDir documentation for details.
  373. #
  374. <IfModule mod_userdir.c>
  375.     UserDir "D:/Extension_C/WebServer/Apache/Apache/users/"
  376. </IfModule>
  378. #
  379. # Control access to UserDir directories.  The following is an example
  380. # for a site where these directories are restricted to read-only.
  381. #
  382. #<Directory "D:/Extension_C/WebServer/Apache/Apache/users">
  383. #    AllowOverride FileInfo AuthConfig Limit
  384. #    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
  385. #    <Limit GET POST OPTIONS PROPFIND>
  386. #        Order allow,deny
  387. #        Allow from all
  388. #    </Limit>
  389. #    <LimitExcept GET POST OPTIONS PROPFIND>
  390. #        Order deny,allow
  391. #        Deny from all
  392. #    </LimitExcept>
  393. #</Directory>
  395. #
  396. # DirectoryIndex: Name of the file or files to use as a pre-written HTML
  397. # directory index.  Separate multiple entries with spaces.
  398. #
  399. <IfModule mod_dir.c>
  400.     DirectoryIndex index.phtml index.php index.html
  401. </IfModule>
  403. #
  404. # AccessFileName: The name of the file to look for in each directory
  405. # for access control information.
  406. #
  407. AccessFileName .htaccess
  409. #
  410. # The following lines prevent .htaccess files from being viewed by
  411. # Web clients.  Since .htaccess files often contain authorization
  412. # information, access is disallowed for security reasons.  Comment
  413. # these lines out if you want Web visitors to see the contents of
  414. # .htaccess files.  If you change the AccessFileName directive above,
  415. # be sure to make the corresponding changes here.
  416. #
  417. # Also, folks tend to use names such as .htpasswd for password
  418. # files, so this will protect those as well.
  419. #
  420. <Files ~ "^\.ht">
  421.     Order allow,deny
  422.     Deny from all
  423.     Satisfy All
  424. </Files>
  426. #
  427. # CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
  428. # document that was negotiated on the basis of content. This asks proxy
  429. # servers not to cache the document. Uncommenting the following line disables
  430. # this behavior, and proxies will be allowed to cache the documents.
  431. #
  432. #CacheNegotiatedDocs
  434. #
  435. # UseCanonicalName:  (new for 1.3)  With this setting turned on, whenever
  436. # Apache needs to construct a self-referencing URL (a URL that refers back
  437. # to the server the response is coming from) it will use ServerName and
  438. # Port to form a "canonical" name.  With this setting off, Apache will
  439. # use the hostname:port that the client supplied, when possible.  This
  440. # also affects SERVER_NAME and SERVER_PORT in CGI scripts.
  441. #
  442. UseCanonicalName On
  444. #
  445. # TypesConfig describes where the mime.types file (or equivalent) is
  446. # to be found.
  447. #
  448. <IfModule mod_mime.c>
  449.     TypesConfig conf/mime.types
  450. </IfModule>
  452. #
  453. # DefaultType is the default MIME type the server will use for a document
  454. # if it cannot otherwise determine one, such as from filename extensions.
  455. # If your server contains mostly text or HTML documents, "text/plain" is
  456. # a good value.  If most of your content is binary, such as applications
  457. # or images, you may want to use "application/octet-stream" instead to
  458. # keep browsers from trying to display binary files as though they are
  459. # text.
  460. #
  461. DefaultType text/plain
  463. #
  464. # The mod_mime_magic module allows the server to use various hints from the
  465. # contents of the file itself to determine its type.  The MIMEMagicFile
  466. # directive tells the module where the hint definitions are located.
  467. # mod_mime_magic is not part of the default server (you have to add
  468. # it yourself with a LoadModule [see the DSO paragraph in the 'Global
  469. # Environment' section], or recompile the server and include mod_mime_magic
  470. # as part of the configuration), so it's enclosed in an <IfModule> container.
  471. # This means that the MIMEMagicFile directive will only be processed if the
  472. # module is part of the server.
  473. #
  474. <IfModule mod_mime_magic.c>
  475.     MIMEMagicFile conf/magic
  476. </IfModule>
  478. #
  479. # HostnameLookups: Log the names of clients or just their IP addresses
  480. # e.g., www.apache.org (on) or 204.62.129.132 (off).
  481. # The default is off because it'd be overall better for the net if people
  482. # had to knowingly turn this feature on, since enabling it means that
  483. # each client request will result in AT LEAST one lookup request to the
  484. # nameserver.
  485. #
  486. HostnameLookups Off
  488. #
  489. # ErrorLog: The location of the error log file.
  490. # If you do not specify an ErrorLog directive within a <VirtualHost>
  491. # container, error messages relating to that virtual host will be
  492. # logged here.  If you *do* define an error logfile for a <VirtualHost>
  493. # container, that host's errors will be logged there and not here.
  494. #
  495. ErrorLog logs/error.log
  497. #
  498. # LogLevel: Control the number of messages logged to the error.log.
  499. # Possible values include: debug, info, notice, warn, error, crit,
  500. # alert, emerg.
  501. #
  502. LogLevel warn
  504. #
  505. # The following directives define some format nicknames for use with
  506. # a CustomLog directive (see below).
  507. #
  508. LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
  509. LogFormat "%h %l %u %t \"%r\" %>s %b" common
  510. LogFormat "%{Referer}i -> %U" referer
  511. LogFormat "%{User-agent}i" agent
  513. #
  514. # The location and format of the access logfile (Common Logfile Format).
  515. # If you do not define any access logfiles within a <VirtualHost>
  516. # container, they will be logged here.  Contrariwise, if you *do*
  517. # define per-<VirtualHost> access logfiles, transactions will be
  518. # logged therein and *not* in this file.
  519. #
  520. CustomLog logs/access.log common
  522. #
  523. # If you would like to have agent and referer logfiles, uncomment the
  524. # following directives.
  525. #
  526. #CustomLog logs/referer.log referer
  527. #CustomLog logs/agent.log agent
  529. #
  530. # If you prefer a single logfile with access, agent, and referer information
  531. # (Combined Logfile Format) you can use the following directive.
  532. #
  533. #CustomLog logs/access.log combined
  535. #
  536. # Optionally add a line containing the server version and virtual host
  537. # name to server-generated pages (error documents, FTP directory listings,
  538. # mod_status and mod_info output etc., but not CGI generated documents).
  539. # Set to "EMail" to also include a mailto: link to the ServerAdmin.
  540. # Set to one of:  On | Off | EMail
  541. #
  542. ServerSignature On
  544. #
  545. # Apache parses all CGI scripts for the shebang line by default.
  546. # This comment line, the first line of the script, consists of the symbols
  547. # pound (#) and exclamation (!) followed by the path of the program that
  548. # can execute this specific script.  For a perl script, with perl.exe in
  549. # the C:\Program Files\Perl directory, the shebang line should be:
  551.    #!c:/program files/perl/perl
  553. # Note you _must_not_ indent the actual shebang line, and it must be the
  554. # first line of the file.  Of course, CGI processing must be enabled by
  555. # the appropriate ScriptAlias or Options ExecCGI directives for the files
  556. # or directory in question.
  557. #
  558. # However, Apache on Windows allows either the Unix behavior above, or can
  559. # use the Registry to match files by extention.  The command to execute
  560. # a file of this type is retrieved from the registry by the same method as
  561. # the Windows Explorer would use to handle double-clicking on a file.
  562. # These script actions can be configured from the Windows Explorer View menu,
  563. # 'Folder Options', and reviewing the 'File Types' tab.  Clicking the Edit
  564. # button allows you to modify the Actions, of which Apache 1.3 attempts to
  565. # perform the 'Open' Action, and failing that it will try the shebang line.
  566. # This behavior is subject to change in Apache release 2.0.
  567. #
  568. # Each mechanism has it's own specific security weaknesses, from the means
  569. # to run a program you didn't intend the website owner to invoke, and the
  570. # best method is a matter of great debate.
  571. #
  572. # To enable the this Windows specific behavior (and therefore -disable- the
  573. # equivilant Unix behavior), uncomment the following directive:
  574. #
  575. #ScriptInterpreterSource registry
  576. #
  577. # The directive above can be placed in individual <Directory> blocks or the
  578. # .htaccess file, with either the 'registry' (Windows behavior) or 'script'
  579. # (Unix behavior) option, and will override this server default option.
  580. #
  582. #
  583. # Aliases: Add here as many aliases as you need (with no limit). The format is
  584. # Alias fakename realname
  585. #
  586. <IfModule mod_alias.c>
  588.     #
  589.     # Note that if you include a trailing / on fakename then the server will
  590.     # require it to be present in the URL.  So "/icons" isn't aliased in this
  591.     # example, only "/icons/".  If the fakename is slash-terminated, then the
  592.     # realname must also be slash terminated, and if the fakename omits the
  593.     # trailing slash, the realname must also omit it.
  594.     #
  595.     Alias /icons/ "D:/Extension_C/WebServer/Apache/Apache/icons/"
  597.     <Directory "D:/Extension_C/WebServer/Apache/Apache/icons">
  598.         Options Indexes MultiViews
  599.         AllowOverride None
  600.         Order allow,deny
  601.         Allow from all
  602.     </Directory>
  604.     # This Alias will project the on-line documentation tree under /manual/
  605.     # even if you change the DocumentRoot. Comment it if you don't want to
  606.     # provide access to the on-line documentation.
  607.     #
  608.     Alias /manual/ "D:/Extension_C/WebServer/Apache/Apache/htdocs/manual/"
  610.     <Directory "D:/Extension_C/WebServer/Apache/Apache/htdocs/manual">
  611.         Options Indexes FollowSymlinks MultiViews
  612.         AllowOverride None
  613.         Order allow,deny
  614.         Allow from all
  615.     </Directory>
  617.     #
  618.     # ScriptAlias: This controls which directories contain server scripts.
  619.     # ScriptAliases are essentially the same as Aliases, except that
  620.     # documents in the realname directory are treated as applications and
  621.     # run by the server when requested rather than as documents sent to the client.
  622.     # The same rules about trailing "/" apply to ScriptAlias directives as to
  623.     # Alias.
  624.     #
  625.     ScriptAlias /cgi-bin/ "D:/Extension_C/WebServer/Apache/Apache/cgi-bin/"
  627.     #
  628.     # "D:/Extension_C/WebServer/Apache/Apache/cgi-bin" should be changed to whatever your ScriptAliased
  629.     # CGI directory exists, if you have that configured.
  630.     #
  631.     <Directory "D:/Extension_C/WebServer/Apache/Apache/cgi-bin">
  632.         AllowOverride None
  633.         Options None
  634.         Order allow,deny
  635.         Allow from all
  636.     </Directory>
  638. </IfModule>
  639. # End of aliases.
  641. #
  642. # Redirect allows you to tell clients about documents which used to exist in
  643. # your server's namespace, but do not anymore. This allows you to tell the
  644. # clients where to look for the relocated document.
  645. # Format: Redirect old-URI new-URL
  646. #
  648. #
  649. # Directives controlling the display of server-generated directory listings.
  650. #
  651. <IfModule mod_autoindex.c>
  653.     #
  654.     # FancyIndexing is whether you want fancy directory indexing or standard
  655.     #
  656.     # Note, add the option TrackModified to the IndexOptions default list only
  657.     # if all indexed directories reside on NTFS volumes.  The TrackModified flag
  658.     # will report the Last-Modified date to assist caches and proxies to properly
  659.     # track directory changes, but it does _not_ work on FAT volumes.
  660.     #
  661.     IndexOptions FancyIndexing
  663.     #
  664.     # AddIcon* directives tell the server which icon to show for different
  665.     # files or filename extensions.  These are only displayed for
  666.     # FancyIndexed directories.
  667.     #
  668.     AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
  670.     AddIconByType (TXT,/icons/text.gif) text/*
  671.     AddIconByType (IMG,/icons/image2.gif) image/*
  672.     AddIconByType (SND,/icons/sound2.gif) audio/*
  673.     AddIconByType (VID,/icons/movie.gif) video/*
  675.     AddIcon /icons/binary.gif .bin .exe
  676.     AddIcon /icons/binhex.gif .hqx
  677.     AddIcon /icons/tar.gif .tar
  678.     AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
  679.     AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
  680.     AddIcon /icons/a.gif .ps .ai .eps
  681.     AddIcon /icons/layout.gif .html .shtml .htm .pdf
  682.     AddIcon /icons/text.gif .txt
  683.     AddIcon /icons/c.gif .c
  684.     AddIcon /icons/p.gif .pl .py
  685.     AddIcon /icons/f.gif .for
  686.     AddIcon /icons/dvi.gif .dvi
  687.     AddIcon /icons/uuencoded.gif .uu
  688.     AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
  689.     AddIcon /icons/tex.gif .tex
  690.     AddIcon /icons/bomb.gif core
  692.     AddIcon /icons/back.gif ..
  693.     AddIcon /icons/hand.right.gif README
  694.     AddIcon /icons/folder.gif ^^DIRECTORY^^
  695.     AddIcon /icons/blank.gif ^^BLANKICON^^
  697.     #
  698.     # DefaultIcon is which icon to show for files which do not have an icon
  699.     # explicitly set.
  700.     #
  701.     DefaultIcon /icons/unknown.gif
  703.     #
  704.     # AddDescription allows you to place a short description after a file in
  705.     # server-generated indexes.  These are only displayed for FancyIndexed
  706.     # directories.
  707.     # Format: AddDescription "description" filename
  708.     #
  709.     #AddDescription "GZIP compressed document" .gz
  710.     #AddDescription "tar archive" .tar
  711.     #AddDescription "GZIP compressed tar archive" .tgz
  713.     #
  714.     # ReadmeName is the name of the README file the server will look for by
  715.     # default, and append to directory listings.
  716.     #
  717.     # HeaderName is the name of a file which should be prepended to
  718.     # directory indexes.  
  719.     #
  720.     ReadmeName README
  721.     HeaderName HEADER
  723.     #
  724.     # IndexIgnore is a set of filenames which directory indexing should ignore
  725.     # and not include in the listing.  Shell-style wildcarding is permitted.
  726.     #
  727.     IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
  729. </IfModule>
  730. # End of indexing directives.
  732. #
  733. # Document types.
  734. #
  735. <IfModule mod_mime.c>
  737.     #
  738.     # AddType allows you to tweak mime.types without actually editing it, or to
  739.     # make certain files to be certain types.
  740.     #
  741.     AddType application/x-tar .tgz
  743.     #
  744.     # AddEncoding allows you to have certain browsers uncompress
  745.     # information on the fly. Note: Not all browsers support this.
  746.     # Despite the name similarity, the following Add* directives have nothing
  747.     # to do with the FancyIndexing customization directives above.
  748.     #
  749.     AddEncoding x-compress .Z
  750.     AddEncoding x-gzip .gz .tgz
  751.     #
  752.     # If the AddEncoding directives above are commented-out, then you
  753.     # probably should define those extensions to indicate media types:
  754.     #
  755.     #AddType application/x-compress .Z
  756.     #AddType application/x-gzip .gz .tgz
  758.     #
  759.     # AddLanguage allows you to specify the language of a document. You can
  760.     # then use content negotiation to give a browser a file in a language
  761.     # it can understand.
  762.     #
  763.     # Note 1: The suffix does not have to be the same as the language
  764.     # keyword --- those with documents in Polish (whose net-standard
  765.     # language code is pl) may wish to use "AddLanguage pl .po" to
  766.     # avoid the ambiguity with the common suffix for perl scripts.
  767.     #
  768.     # Note 2: The example entries below illustrate that in quite
  769.     # some cases the two character 'Language' abbreviation is not
  770.     # identical to the two character 'Country' code for its country,
  771.     # E.g. 'Danmark/dk' versus 'Danish/da'.
  772.     #
  773.     # Note 3: In the case of 'ltz' we violate the RFC by using a three char
  774.     # specifier. But there is 'work in progress' to fix this and get
  775.     # the reference data for rfc1766 cleaned up.
  776.     #
  777.     # Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
  778.     # French (fr) - German (de) - Greek-Modern (el)
  779.     # Italian (it) - Korean (kr) - Norwegian (no) - Norwegian Nynorsk (nn)
  780.     # Portugese (pt) - Luxembourgeois* (ltz)
  781.     # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cs)
  782.     # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
  783.     # Russian (ru)
  784.     #
  785.     AddLanguage da .dk
  786.     AddLanguage nl .nl
  787.     AddLanguage en .en
  788.     AddLanguage et .ee
  789.     AddLanguage fr .fr
  790.     AddLanguage de .de
  791.     AddLanguage el .el
  792.     AddLanguage he .he
  793.     AddCharset ISO-8859-8 .iso8859-8
  794.     AddLanguage it .it
  795.     AddLanguage ja .ja
  796.     AddCharset ISO-2022-JP .jis
  797.     AddLanguage kr .kr
  798.     AddCharset ISO-2022-KR .iso-kr
  799.     AddLanguage nn .nn
  800.     AddLanguage no .no
  801.     AddLanguage pl .po
  802.     AddCharset ISO-8859-2 .iso-pl
  803.     AddLanguage pt .pt
  804.     AddLanguage pt-br .pt-br
  805.     AddLanguage ltz .lu
  806.     AddLanguage ca .ca
  807.     AddLanguage es .es
  808.     AddLanguage sv .sv
  809.     AddLanguage cs .cz .cs
  810.     AddLanguage ru .ru
  811.     AddLanguage zh-TW .zh-tw
  812.     AddCharset Big5         .Big5    .big5
  813.     AddCharset WINDOWS-1251 .cp-1251
  814.     AddCharset CP866        .cp866
  815.     AddCharset ISO-8859-5   .iso-ru
  816.     AddCharset KOI8-R       .koi8-r
  817.     AddCharset UCS-2        .ucs2
  818.     AddCharset UCS-4        .ucs4
  819.     AddCharset UTF-8        .utf8
  821.     # LanguagePriority allows you to give precedence to some languages
  822.     # in case of a tie during content negotiation.
  823.     #
  824.     # Just list the languages in decreasing order of preference. We have
  825.     # more or less alphabetized them here. You probably want to change this.
  826.     #
  827.     <IfModule mod_negotiation.c>
  828.         LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw
  829.     </IfModule>
  831.     #
  832.     # AddHandler allows you to map certain file extensions to "handlers",
  833.     # actions unrelated to filetype. These can be either built into the server
  834.     # or added with the Action command (see below)
  835.     #
  836.     # If you want to use server side includes, or CGI outside
  837.     # ScriptAliased directories, uncomment the following lines.
  838.     #
  839.     # To use CGI scripts:
  840.     #
  841.     #AddHandler cgi-script .cgi
  843.     #
  844.     # To use server-parsed HTML files
  845.     #
  846.     #AddType text/html .shtml
  847.     #AddHandler server-parsed .shtml
  849.     #
  850.     # Uncomment the following line to enable Apache's send-asis HTTP file
  851.     # feature
  852.     #
  853.     #AddHandler send-as-is asis
  855.     #
  856.     # If you wish to use server-parsed imagemap files, use
  857.     #
  858.     #AddHandler imap-file map
  860.     #
  861.     # To enable type maps, you might want to use
  862.     #
  863.     #AddHandler type-map var
  865. </IfModule>
  866. # End of document types.
  868. #
  869. # Action lets you define media types that will execute a script whenever
  870. # a matching file is called. This eliminates the need for repeated URL
  871. # pathnames for oft-used CGI file processors.
  872. # Format: Action media/type /cgi-script/location
  873. # Format: Action handler-name /cgi-script/location
  874. #
  876. #
  877. # MetaDir: specifies the name of the directory in which Apache can find
  878. # meta information files. These files contain additional HTTP headers
  879. # to include when sending the document
  880. #
  881. #MetaDir .web
  883. #
  884. # MetaSuffix: specifies the file name suffix for the file containing the
  885. # meta information.
  886. #
  887. #MetaSuffix .meta
  889. #
  890. # Customizable error response (Apache style)
  891. #  these come in three flavors
  892. #
  893. #    1) plain text
  894. #ErrorDocument 500 "The server made a boo boo.
  895. #  n.b.  the single leading (" ) marks it as text, it does not get output
  896. #
  897. #    2) local redirects
  898. #ErrorDocument 404 /missing.html
  899. #  to redirect to local URL /missing.html
  900. #ErrorDocument 404 /cgi-bin/missing_handler.pl
  901. #  N.B.: You can redirect to a script or a document using server-side-includes.
  902. #
  903. #    3) external redirects
  904. #ErrorDocument 402 http://www.example.com/subscription_info.html
  905. #  N.B.: Many of the environment variables associated with the original
  906. #  request will *not* be available to such a script.
  908. #
  909. # Customize behaviour based on the browser
  910. #
  911. <IfModule mod_setenvif.c>
  913.     #
  914.     # The following directives modify normal HTTP response behavior.
  915.     # The first directive disables keepalive for Netscape 2.x and browsers that
  916.     # spoof it. There are known problems with these browser implementations.
  917.     # The second directive is for Microsoft Internet Explorer 4.0b2
  918.     # which has a broken HTTP/1.1 implementation and does not properly
  919.     # support keepalive when it is used on 301 or 302 (redirect) responses.
  920.     #
  921.     BrowserMatch "Mozilla/2" nokeepalive
  922.     BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
  924.     #
  925.     # The following directive disables HTTP/1.1 responses to browsers which
  926.     # are in violation of the HTTP/1.0 spec by not being able to grok a
  927.     # basic 1.1 response.
  928.     #
  929.     BrowserMatch "RealPlayer 4\.0" force-response-1.0
  930.     BrowserMatch "Java/1\.0" force-response-1.0
  931.     BrowserMatch "JDK/1\.0" force-response-1.0
  933. </IfModule>
  934. # End of browser customization directives
  936. #
  937. # Allow server status reports, with the URL of http://servername/server-status
  938. # Change the "alpac.dyndns.org" to match your domain to enable.
  939. #
  940. #<Location /server-status>
  941. #    SetHandler server-status
  942. #    Order deny,allow
  943. #    Deny from all
  944. #    Allow from alpac.dyndns.org
  945. #</Location>
  947. #
  948. # Allow remote server configuration reports, with the URL of
  949. # http://servername/server-info (requires that mod_info.c be loaded).
  950. # Change the "alpac.dyndns.org" to match your domain to enable.
  951. #
  952. #<Location /server-info>
  953. #    SetHandler server-info
  954. #    Order deny,allow
  955. #    Deny from all
  956. #    Allow from alpac.dyndns.org
  957. #</Location>
  959. #
  960. # There have been reports of people trying to abuse an old bug from pre-1.1
  961. # days.  This bug involved a CGI script distributed as a part of Apache.
  962. # By uncommenting these lines you can redirect these attacks to a logging  
  963. # script on phf.apache.org.  Or, you can record them yourself, using the script
  964. # support/phf_abuse_log.cgi.
  965. #
  966. #<Location /cgi-bin/phf*>
  967. #    Deny from all
  968. #    ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
  969. #</Location>
  971. ### Section 3: Virtual Hosts
  972. #
  973. # VirtualHost: If you want to maintain multiple domains/hostnames on your
  974. # machine you can setup VirtualHost containers for them. Most configurations
  975. # use only name-based virtual hosts so the server doesn't need to worry about
  976. # IP addresses. This is indicated by the asterisks in the directives below.
  977. #
  978. # Please see the documentation at <URL:http://www.apache.org/docs/vhosts/>
  979. # for further details before you try to setup virtual hosts.
  980. #
  981. # You may use the command line option '-S' to verify your virtual host
  982. # configuration.
  984. #
  985. # Use name-based virtual hosting.
  986. #
  987. #NameVirtualHost *:80
  989. #
  990. # VirtualHost example:
  991. # Almost any Apache directive may go into a VirtualHost container.
  992. # The first VirtualHost section is used for requests without a known
  993. # server name.
  994. #
  995. #<VirtualHost *:80>
  996. #    ServerAdmin webmaster@dummy-host.example.com
  997. #    DocumentRoot /www/docs/dummy-host.example.com
  998. #    ServerName dummy-host.example.com
  999. #    ErrorLog logs/dummy-host.example.com-error_log
  1000. #    CustomLog logs/dummy-host.example.com-access_log common
  1001. #</VirtualHost>


 
 
.htaccess du repértoire coupleur :
 

Code :
  1. <Files adm.php>
  2. AuthUserFile "d:\extens~1\WebSer~1\Docume~1\.htpasswd"
  3. AuthGroupFile /dev/null
  4. AuthName "Accès sécurisé au site ALPAC"
  5. AuthType Basic
  6. <LIMIT GET POST>
  7. order deny,allow
  8. deny from all
  9. Require valid-user
  10. Satisfy any
  11. </LIMIT>
  12. </Files>


(donc juste pour un fichier.
 
.htaccess de la racine :
 

Code :
  1. AuthUserFile "d:\extens~1\WebSer~1\Docume~1\.htpasswd"
  2. AuthGroupFile /dev/null
  3. AuthName "Accès sécurisé au site ALPAC"
  4. AuthType Basic
  5. <LIMIT GET POST>
  6. order deny,allow
  7. deny from all
  8. allow from 192.168.0
  9. Require valid-user
  10. Satisfy any
  11. </LIMIT>

Reply

Marsh Posté le 31-07-2004 à 20:05:04    

t'aurais pu virer les commentaires :sweat:

Reply

Marsh Posté le 31-07-2004 à 20:08:06    

Flemme :D
 
Bon j'ai foutu les 2 regles htaccess directement dans le httpd.conf, ca devrait etre bon la.

Reply

Marsh Posté le 31-07-2004 à 20:09:11    

je fous tout dans le httpd.conf sur mon propre serveur en fait moi :/
 
edit: ah bah voilà :D
 
edit2: j'ai encore le prompt :/


Message édité par uriel le 31-07-2004 à 20:10:08

---------------
IVG en france
Reply

Marsh Posté le 31-07-2004 à 20:13:22    

un truc comme ça dans le httpd.conf:


<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
 
 
<Directory "/var/www/html">
 
MultiViews
 
Options Indexes FollowSymLinks ExecCGI
 
AllowOverride None
Order allow,deny
Allow from all
 
</Directory>
 
#Test directory
 
<Directory "/var/www/html/test">
AllowOverride All
</Directory>


 
et chaque fois des regles comme ça, c'est fastidieux mais au moins c'est clair :D


Message édité par uriel le 31-07-2004 à 20:15:15

---------------
IVG en france
Reply

Marsh Posté le 31-07-2004 à 20:16:14    

Il sert a quoi ton parametre MultiViews ?

Reply

Marsh Posté le 31-07-2004 à 20:32:52    

skylight a écrit :

Flemme :D
 
Bon j'ai foutu les 2 regles htaccess directement dans le httpd.conf, ca devrait etre bon la.

Je sais pas comment tu les as inclus, mais en tout cas, le seul pour lequel il ne demande rien, c'est adm.php :/

Reply

Marsh Posté le 31-07-2004 à 20:48:14    

skylight a écrit :

Il sert a quoi ton parametre MultiViews ?


 
c'est un parametre qui etait là par defaut, ca sert principalement à ça:
http://httpd.apache.org/docs/content-negotiation.html
(en clair, ça permet de proposer differentes possibilité pour un meme document qui s'adapte au client)


---------------
IVG en france
Reply

Marsh Posté le    

Reply

Sujets relatifs:

Leave a Replay

Make sure you enter the(*)required information where indicate.HTML code is not allowed