Ticket #2334 (closed defect: fixed)
Allow Apache to read from "errors" directory
|Reported by:||the3rdBIT||Owned by:||nuxwin|
|Priority:||normal||Milestone:||ispCP ω 1.0.7|
|Component:||Config Files||Version:||ispCP ω 1.0.5|
Description (last modified by benedikt) (diff)
For security reasons, I have disabled the access for Apache to the entire file system. This is an option that will be set as default in /etc/apache2/conf.d/security for the Debian releases after lenny:
<Directory /> AllowOverride None Order Deny,Allow Deny from all </Directory>
The websites are working properly, because ispCP resets these settings automatically for the activated htdocs. But if there is any error message, it will show something like this:
Not Found The requested URL /bjhjkbijbibju was not found on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
The access allowing settings should be activated for /var/www/virtual/<domain>/errors too, for completeness and to support future Debian releases.