0

I want to make changes over my httpd.conf file of Apache running in Windows, but I want to know why need to use (or declare) the same root twice.

DocumentRoot "C:/Apache/htdocs"
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
<Directory "C:/Apache/htdocs">
    AllowOverride None
    Order allow,deny
    Allow from all
  Options None
</Directory>

If the first has all about of security or access to be aplied to DocumentRoot, why I need to declare again

In this case are differents, can I to pass over the last declarations like: < Directory "C:/Apache/htdocs">?

Can Apache run omitting the last < Directory "C:/Apache/htdocs">?

I can't find the sense.

Thank you.

Luigi Giuseppe
  • 631
  • 1
  • 6
  • 4
  • Where's this config come from? On first glance I'd say that's intended to keep the config compatible with *nix systems.. but that might not make sense, depending on the context of where this is from. – Shane Madden Oct 21 '13 at 19:36

1 Answers1

1

I'm from UNIX/Linux land, but I think you're slightly misreading the configuration. Let's break your config down into 3 sections (well, it already is in 3 sections).

First, the DocumentRoot is entirely on it's own, ignore this for your problem/question.

Second, the 'Directory /' is configured to Deny from all. This is NOT for your DocumentRoot, this is for the root of your filesystem (I don't really know how Apache interprets this on Windows, but it's true for Linux and UNIX).

Third, the 'Directory "C:/Apache/htdocs" is configured to Allow from all from your DocumentRoot.

This is basic Apache performance and security tuning, and likely the default on nearly every distribution of Apache HTTPD out there by now.

The 'AllowOverride None' from the first Directory listing keeps Apache from checking every single directory ABOVE the Document root for overrides (.htaccess files).

From the Apache docs: When this directive is set to None, then .htaccess files are completely ignored. In this case, the server will not even attempt to read .htaccess files in the filesystem.

So, if you remove the 'Directory /' stanza: then Apache would look for c:/.htaccess and c:/Apache/.htaccess before reaching the 'Directory C:/Apache/htdocs' directory. It won't bother looking any further, since 'AllowOverride None' is set for c:/Apache/htdocs. Your website will load, but you're needlessly increasing the work Apache has to do to serve it up.

Now, if you remove the 'Directory "C:/Apache/htdocs"' stanza: Then you're stuck with the settings for 'Directory /' which includes 'Deny from all'. Your website will NOT load.

The configuration as is looks correct to me.