From: Daniel Gruno Date: Fri, 20 Jul 2012 12:45:03 +0000 (+0000) Subject: xforms X-Git-Tag: 2.2.23~110 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45a9c5f9520c3e14ad2f6ad97e01495b23dac9c6;p=thirdparty%2Fapache%2Fhttpd.git xforms git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1363754 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/howto/htaccess.html.en b/docs/manual/howto/htaccess.html.en index 157637dae61..f9a2eef0fda 100644 --- a/docs/manual/howto/htaccess.html.en +++ b/docs/manual/howto/htaccess.html.en @@ -5,7 +5,7 @@ This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --> -Apache Tutorial: .htaccess files - Apache HTTP Server +Apache HTTP Server Tutorial: .htaccess files - Apache HTTP Server @@ -19,7 +19,7 @@
<-
-Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials

Apache Tutorial: .htaccess files

+Apache > HTTP Server > Documentation > Version 2.2 > How-To / Tutorials

Apache HTTP Server Tutorial: .htaccess files

Available Languages:  en  |  fr  | @@ -43,13 +43,11 @@ changes on a per-directory basis.

top

.htaccess files

-
Related ModulesRelated Directives
+
Related ModulesRelated Directives
You should avoid using .htaccess files completely if you have access to - httpd main server config file. Using .htaccess files slows down your Apache server. - Any directive that you can include in a .htaccess file is - better set in a Directory block, - as it will have the same effect with better performance.
+ httpd main server config file. Using .htaccess files slows down your Apache http server. + Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance.
top

What they are/How to use them

@@ -74,7 +72,7 @@ changes on a per-directory basis.

In general, .htaccess files use the same syntax as the main configuration - files. What you can put in these files is determined by the + files. What you can put in these files is determined by the AllowOverride directive. This directive specifies, in categories, what directives will be honored if they are found in a .htaccess file. If a @@ -109,13 +107,16 @@ changes on a per-directory basis.

When (not) to use .htaccess files

-

In general, you should never use .htaccess files unless +

In general, you should only use .htaccess files when you don't have access to the main server configuration file. There is, - for example, a prevailing misconception that user authentication should - always be done in .htaccess files. This is simply not the + for example, a common misconception that user authentication should + always be done in .htaccess files, and, in more recent years, + another miscomception that mod_rewrite directives + must go in .htaccess files. This is simply not the case. You can put user authentication configurations in the main server configuration, and this is, in fact, the preferred way to do - things.

+ things. Likewise, mod_rewrite directives work better, + in many respects, in the main server configuration.

.htaccess files should be used in a case where the content providers need to make configuration changes to the server on a @@ -137,18 +138,18 @@ changes on a per-directory basis.

.htaccess files.

The first of these is performance. When AllowOverride - is set to allow the use of .htaccess files, Apache will + is set to allow the use of .htaccess files, httpd will look in every directory for .htaccess files. Thus, permitting .htaccess files causes a performance hit, whether or not you actually even use them! Also, the .htaccess file is loaded every time a document is requested.

-

Further note that Apache must look for .htaccess files +

Further note that httpd must look for .htaccess files in all higher-level directories, in order to have a full complement of directives that it must apply. (See section on how directives are applied.) Thus, if a file is requested out of a - directory /www/htdocs/example, Apache must look for the + directory /www/htdocs/example, httpd must look for the following files:

@@ -164,6 +165,15 @@ changes on a per-directory basis.

.htaccess files were enabled for /, which is not usually the case.)

+

In the case of RewriteRule directives, in + .htaccess context these regular expressions must be + re-compiled with every request to the directory, whereas in main + server configuration context they are compiled once and cached. + Additionally, the rules themselves are more complicated, as one must + work around the restrictions that come with per-directory context + and mod_rewrite. Consult the Rewrite Guide for more + detail on this subject.

+

The second consideration is one of security. You are permitting users to modify server configuration, which may result in changes over which you have no control. Carefully consider whether you want to give @@ -184,9 +194,8 @@ changes on a per-directory basis.

.htaccess file in /www/htdocs/example:

Contents of .htaccess file in - /www/htdocs/example

- AddType text/example .exm -

+ /www/htdocs/example
AddType text/example .exm
+

Section from your httpd.conf file

@@ -194,12 +203,12 @@ changes on a per-directory basis.

AddType text/example .exm
 - </Directory> +</Directory>

However, putting this configuration in your server configuration file will result in less of a performance hit, as the configuration is - loaded once when Apache starts, rather than every time a file is + loaded once when httpd starts, rather than every time a file is requested.

The use of .htaccess files can be disabled completely @@ -256,9 +265,9 @@ changes on a per-directory basis.

As discussed in the documentation on Configuration Sections, .htaccess files can override the <Directory> sections for the corresponding directory, but will be overriden by other types - of configuration sections from the main configuration files. This + of configuration sections from the main configuration files. This fact can be used to enforce certain configurations, even in the - presence of a liberal AllowOverride setting. For example, to + presence of a liberal AllowOverride setting. For example, to prevent script execution while allowing anything else to be set in .htaccess you can use:

@@ -271,7 +280,7 @@ Allowoverride All

<Location />
-Options +IncludesNoExec -ExecCGI
+ Options +IncludesNoExec -ExecCGI
 </Location>

@@ -303,7 +312,7 @@ Options +IncludesNoExec -ExecCGI
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
- Require Group admins +Require Group admins

Note that AllowOverride AuthConfig must be in effect @@ -323,7 +332,7 @@ Options +IncludesNoExec -ExecCGI

Options +Includes
AddType text/html shtml
- AddHandler server-parsed shtml +AddHandler server-parsed shtml

Note that AllowOverride Options and AllowOverride @@ -342,7 +351,7 @@ Options +IncludesNoExec -ExecCGI

Options +ExecCGI
- AddHandler cgi-script cgi pl +AddHandler cgi-script cgi pl

Alternately, if you wish to have all files in the given directory be @@ -351,7 +360,7 @@ Options +IncludesNoExec -ExecCGI

Options +ExecCGI
- SetHandler cgi-script +SetHandler cgi-script

Note that AllowOverride Options and AllowOverride @@ -373,15 +382,35 @@ Options +IncludesNoExec -ExecCGI
set such that your configuration directives are being honored. Make sure that you don't have a AllowOverride None in effect for the file scope in question. A good test for this is to put garbage - in your .htaccess file and reload. If a server error is + in your .htaccess file and reload the page. If a server error is not generated, then you almost certainly have AllowOverride None in effect.

If, on the other hand, you are getting server errors when trying to - access documents, check your Apache error log. It will likely tell you + access documents, check your httpd error log. It will likely tell you that the directive used in your .htaccess file is not - permitted. Alternately, it may tell you that you had a syntax error, - which you will then need to fix.

+ permitted.

+ +

+ [Fri Sep 17 18:43:16 2010] [alert] [client 192.168.200.51] /var/www/html/.htaccess: DirectoryIndex not allowed here +

+ +

This will indicate either that you've used a directive that is + never permitted in .htaccess files, or that you simply + don't have AllowOverride set to + a level sufficient for the directive you've used. Consult the + documentation for that particular directive to determine which is + the case.

+ +

Alternately, it may tell you that you had a syntax error in your + usage of the directive itself.

+ +

+ [Sat Aug 09 16:22:34 2008] [alert] [client 192.168.200.51] /var/www/html/.htaccess: RewriteCond: bad flag delimiters +

+ +

In this case, the error message should be specific to the + particular syntax error that you have committed.

diff --git a/docs/manual/howto/htaccess.html.fr b/docs/manual/howto/htaccess.html.fr index d9f9e89686d..3e299677742 100644 --- a/docs/manual/howto/htaccess.html.fr +++ b/docs/manual/howto/htaccess.html.fr @@ -27,6 +27,8 @@  ko  |  pt-br 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.

Les fichiers .htaccess fournissent une méthode pour modifier la configuration du serveur au niveau de chaque répertoire.

diff --git a/docs/manual/howto/htaccess.xml.fr b/docs/manual/howto/htaccess.xml.fr index cd0e3ad276b..c87b6ee5932 100644 --- a/docs/manual/howto/htaccess.xml.fr +++ b/docs/manual/howto/htaccess.xml.fr @@ -1,7 +1,7 @@ - + diff --git a/docs/manual/howto/htaccess.xml.ja b/docs/manual/howto/htaccess.xml.ja index e4a6bd0fdb5..e08de33fe36 100644 --- a/docs/manual/howto/htaccess.xml.ja +++ b/docs/manual/howto/htaccess.xml.ja @@ -1,7 +1,7 @@ - + + + + + +