in reply to Re: Parsing/validating Apache .htaccess file
in thread Parsing/validating Apache .htaccess file
Stop limiting the limits! Remove that line (and the closing line). Otherwise, your restrictions are not applying to the other half dozen methods that can used in that area.<Limit GET POST>
It's probably not your fault. One of the early Apache docs showed <limit GET POST> and everyone picked up on it, but of course that was revised later, but by then everyone was cargo-culting the broken thing.
From the apache docs:
Access controls are normally effective for all access methods, and this is the usual desired behavior. In the general case, access control directives should not be placed within a <limit> section.
So, one of my many personal crusades is to remove this cargo cult by telling people: Don't limit your limits!.
-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.
|
|---|