0

I've searched all over stackoverflow and seen various posts but no luck thus far.

Let me paint the picture: Im hosting a game server for me and some buddies and im symlinking the directory with maps and mod to apache2. I only want the outside world to be able to download the so called "pk3" files but not the "cfg","log" or any other file type.

That part i got working. I also want autoindex to work but no luck thus far. I get a 403 error.

Current state:

<Directory /var/www/redirect/*>
    allow from all
    Options +Indexes
    IndexIgnore .. *cfg* *dat *dll *txt URL *log *backup* database
    IndexOptions FancyIndexing FoldersFirst
    AllowOverride None
    Require all granted
</Directory>

<Files *>
    Order deny,allow
    deny from all
</Files>

<Files *.pk3>
    Order deny,allow
    allow from all
</Files>

<FilesMatch "^(index\.*)?$">
    Order allow,deny
    allow from all
</FilesMatch>

The FilesMatch doesnt seem to work properly (hence the [access_compat:error] in my logs and 403 in my browser).

Hopefully someone can help me with this, ive been searching for hours.

vitali
  • 1
  • 3

1 Answers1

0

See here: https://serverfault.com/questions/634996/apache2-allow-directory-indexing-but-restrict-file-access-by-type

You need also to allow index files:

<FilesMatch "index\.">
    Order allow,deny
    allow from all
</FilesMatch>

because Apache will search for them (like index.html, index.cgi,...) but they are all forbidden. I'm not sure why, but I suppose Apache cannot even check for existence of those files, and then sends a 403. If Apache can check the inexistence of those index files, he will create the directory index, and that needs the <FilesMatch ""> Directive, as the index file name is "".

You can find the information in the error logfile, some lines like:

client denied by server configuration: /var/www/index.html

And because you want that forbidden files are listed too, you need to add

IndexOptions ShowForbidden

for example after Options Indexes FollowSymLinks. There are plenty of options for directory indexes you can find them in the apache doc.

Hope this helps.

Update: The FilesMatch needs to hit every possible entry from the DirectoryIndex directive and the empty string. If you have this: DirectoryIndex index.html index.html.var index.php then this is your match: <Files ~ ^index\.(html|php|html.var)$|^$>

It might be easiest to set DirectoryIndex and then match:

DirectoryIndex index.html
<Files ~ ^index\.html$|^$>
    <Limit GET HEAD>
        Order Allow,Deny
        Allow from all
    </Limit>
</Files>
Eric Wheeler
  • 1
  • 1