发表新帖
发表新帖

Wampserver 403 on named virtual hosts outside of /www

后端 未结
关注
5 1198
栀梦
栀梦 2021-02-05 21:36

Wampserver tells me accessed denied when I try making a virtual host outside of the c:/wamp/www/ directory. I can make one fine within that directory. Even making a symbolic lin

5条回答
  • 孤独总比滥情好
    孤独总比滥情好 (楼主)
    2021-02-05 22:08

    I had the same issue but managed to resolve after looking at this question.

    However, the accepted answer maybe isn't the best solution, depending on how secure you want your Apache configuration to be.

    I think the solution should mention two things, first ensuring security isn't compromised and second; understanding the difference in access control configuration between Apache versions 2.2 and 2.4.

    Ensuring security isn't compromised

    Commenting out the suggested lines:

    
    AllowOverride none
    Require all denied

    Means you remove the default strict security applied to ALL directories on your machine, as I understand it. Someone else could create a configuration pointing to your C:\very\sensitive\information directory and serve up content from there to a website (which is most likely to be a concern on a shared host). Interestingly, the following comment is made above that block:

    # First, we configure the "default" to be a very restrictive set of 
# features.

    Then beneath that block:

    # Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.

    It makes complete sense to lock everything down, then conditionally unlock per directory.

    I came up with the following which points to the location on my machine where all my websites (served up via Apache virtual hosts) will live. This immediately follows the block.

    
    Options Indexes FollowSymLinks
    AllowOverride all
    Require all granted

    Then within each of your virtual host configurations/aliases you can set the configuration that applies to that directory.

    Difference in access control configuration

    Configuring access control in more recent versions of Apache has changed.

    What used to be:

    Order allow,deny
Allow from all

    Should now be:

    Require all granted

    For more info: http://httpd.apache.org/docs/current/upgrading.html

    0 讨论(0)
 看不清?
提交回复
热议问题