dev/core#913 - update autogenerated .htaccess for apache 2.4 #14158
Conversation
|
(Standard links)
|
demeritcowboy
force-pushed
the
deny-for-real
branch
from
9f3f663
to
96ed6a0
Compare
There was a problem hiding this comment.
You can use something like this to have a single .htaccess that is compatible with both versions of apache:
# Apache 2.2
<IfModule !authz_core_module>
Order Deny,Allow
Deny from all
</IfModule>
# Apache 2.4+
<IfModule authz_core_module>
<RequireAll>
Require all denied
</RequireAll>
</IfModule>
This has the advantage of continuing to work if installs move back and forth between apache versions (or if version detection fails).
(Based on an example in .htaccess made easy.)
|
Thanks! I'll take a look. Makes sense. The |
demeritcowboy
force-pushed
the
deny-for-real
branch
from
96ed6a0
to
75f7fb9
Compare
|
Oops. Somehow that closed the PR. |
There was a problem hiding this comment.
Looks great now, thanks @demeritcowboy!
(CiviCRM Review Template WORD-1.2)
|
Thanks for reviewing @pfigel |
|
reviewing based on @pfigel review |
|
Duplicate of https://issues.civicrm.org/jira/browse/CRM-21571 |
|
@edvanleeuwen Ahh I never saw that. I see you had some technical trouble getting a pull request posted back then - it is pretty tricky. You can see farther up here I accidentally closed this one in the middle somehow and I'm still not sure how I did that. I don't know if you asked in chat.civicrm.org back then but in future you can also ask there which is sometimes helpful for those technical hurdles. |
Overview
See https://lab.civicrm.org/dev/core/issues/913
Before
The current autogenerated .htaccess is for apache 2.2. It happens to work on apache 2.4 because it gives an internal error, but that's obviously not what was intended. It may also happen to work on apache 2.4 if mod_access_compat happens to be installed.
After
Works on apache 2.4 with no log errors. Falls back to current behavior if it can't tell if it's apache 2.4 or higher.