From: Matt Birkholz Date: Sat, 9 Mar 2024 16:23:58 +0000 (-0600) Subject: Update discussion of Apache configuration. X-Git-Url: https://birchwood-abbey.net/git?a=commitdiff_plain;h=1f71a83290c938bdbf76b2c17388b4252a2c2669;p=Institute Update discussion of Apache configuration. Apache seems to be following the symbolic links in /home/www-users/ without Option FollowSymLinks, which was removed a while ago(?). Also removed apache-userdir-directory. User directories are not really treated differently. All are strict AllowOverride None. --- diff --git a/README.org b/README.org index 16bd6cf..cd04412 100644 --- a/README.org +++ b/README.org @@ -1931,29 +1931,20 @@ more control over what appears on the public web site. The tasks below create or remove the symbolic links. The following are the necessary Apache2 directives: a ~UserDir~ -directive naming =/home/www-users/=, a matching ~Directory~ block that -allows the server to follow the symbol links, and a ~Directory~ block -that matches the user directories and includes the standard ~Require~ -and ~AllowOverride~ directives used on all of the institute's static -web sites (~https://small.example.org/~, ~http://live/~, and -~http://test/~). +directive naming =/home/www-users/= and matching ~Directory~ block +that includes the standard ~Require~ and ~AllowOverride~ directives +used on all of the institute's web sites. #+NAME: apache-userdir-front #+CAPTION: ~apache-userdir-front~ #+BEGIN_SRC conf :noweb yes UserDir /home/www-users - <> + Require all granted + AllowOverride None #+END_SRC -#+NAME: apache-userdir-directory -#+CAPTION: ~apache-userdir-directory~ -#+BEGIN_SRC conf -Require all granted -AllowOverride None -#+END_SRC - The institute requires the use of HTTPS on Front, so its default HTTP virtual host permanently redirects requests to their corresponding HTTPS URLs. @@ -1978,7 +1969,7 @@ The ~DocumentRoot~ directive is accompanied by a ~Directory~ block that authorizes access to the tree, and ensures =.htaccess= files within the tree are disabled for speed and security. This and most of Front's Apache2 directives (below) are intended for the top level, not -inside a ~VirtualHost~ block, to apply globally. +the inside of a ~VirtualHost~ block. They should apply globally. #+NAME: apache-front #+CAPTION: ~apache-front~ @@ -3418,7 +3409,8 @@ naming a sub-directory in the member's home directory on Core. The #+BEGIN_SRC conf :noweb yes UserDir Public/HTML - <> + Require all granted + AllowOverride None #+END_SRC