Apache Directory Level Access Control
CentOS-6.5
httpd-2.2.15 (CentOS)
I am trying to understand how directory access control works in Apache-2.2. Does a means exist to revoke access in a subdirectory if access has been granted in a higher one? We restrict access to the entire site via htdigest but some directories are need to be further restricted by the group a user is assigned to. I have this situation:
AuthType Digest
AuthName ca.harte-lyne
AuthDigestDomain /
AuthDigestProvider file
AuthUserFile /etc/httpd/access.d/.htdigest
AuthGroupFile /var/data/hll_dav/htgroup
Require group staff
AllowOverride None
Order allow,deny
allow from all
Satisfy All
Options Indexes MultiViews
IndexOptions FancyIndexing
AddDefaultCharset UTF-8
Require group management
In this setup a member of group staff who is not a member of group management nonetheless can list and download files in /Private. I want to prevent this. Is this possible and if so then how is this done?
Recent Comments