Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Apache 2.4 #2

Closed
a1ee9b opened this issue Feb 9, 2015 · 14 comments
Closed

Apache 2.4 #2

a1ee9b opened this issue Feb 9, 2015 · 14 comments

Comments

@a1ee9b
Copy link

a1ee9b commented Feb 9, 2015

There were actually some breaking changes in the .htaccess syntax if you upgrade apache from 2.2 to 2.4. Check this page for a full list.

The most commonly problem is with the access control:
From:

Order deny,allow
Deny from all

To

Require all denied
@phanan
Copy link
Owner

phanan commented Feb 9, 2015

I'm aware of this, but not sure about 2.2 vs 2.4 usage. From my pov (no backed up numbers), 2.2 is much more commonly seen.
Is adding this breaking note under the repo description a good idea?

@a1ee9b
Copy link
Author

a1ee9b commented Feb 9, 2015

A link to the changes page is probably a good idea. Took me some time to see that they made breaking changes in a minor version step...

@phanan
Copy link
Owner

phanan commented Feb 9, 2015

Added it, thanks!

@phanan phanan closed this as completed Feb 9, 2015
@msumpter
Copy link

msumpter commented Feb 9, 2015

I didn't see the note about 2.4 in the README until after I forked the repo and added sections for 2.4 and 2.2. Not sure if you would want this added or not but since I wrapped it up I thought I could pass it along:
https://github.com/msumpter/htaccess

2.2 is much more common, but 2.4 is the default Apache install on RHEL/CentOS 7 and Ubuntu 14.04 and eventually these docs will need to be updated to handle both as 2.4 grows in usage.

@phanan
Copy link
Owner

phanan commented Feb 10, 2015

Thanks. I totally agree on what you said:

2.2 is much more common, but 2.4 is the default Apache install on RHEL/CentOS 7 and Ubuntu 14.04 and eventually these docs will need to be updated to handle both as 2.4 grows in usage.

But splitting 2.2 and 2.4 config into different sections can make the README look fragmented. Should we make use of comments instead?

## Apache 2.2
Order deny, allow
Deny from all
Allow from xxx.xxx.xxx.xxx

## Apache 2.4
# Require all denied
# Require ip xxx.xxx.xxx.xxx

@JudeRosario
Copy link

But splitting 2.2 and 2.4 config into different sections can make the README look fragmented.

I agree. I feel nobody will need both at the same time, so ideally instead of fragmenting this document its better to have a separate one. This and general instructions on which document to look in for your version makes more sense imho.

@phanan
Copy link
Owner

phanan commented Feb 10, 2015

Then this time the repo itself would be cluttered. Also, not every section
is applicable/necessary to be on both documents.

On Tuesday, February 10, 2015, Jude Rosario notifications@github.com
wrote:

But splitting 2.2 and 2.4 config into different sections can make the
README look fragmented.

I feel nobody will need both at the same time, so ideally instead of
fragmenting this document its better to have a separate one. This and
general instructions on which document to look in for your version makes
more sense imho.


Reply to this email directly or view it on GitHub
#2 (comment).

@JudeRosario
Copy link

Then this time the repo itself would be cluttered. Also, not every section
is applicable/necessary to be on both documents

Agreed, I guess its your call on how to take this project forward. My earlier PR had 2 sections for 2.2 and 2.4 separately

@a1ee9b
Copy link
Author

a1ee9b commented Feb 10, 2015

I think the best solution would be to add two example .htaccess files to the repo, containing all the source commented out.

I.e.:
.htacces.2.2:

## Deny All Access Except Yours
# Order deny, allow
# Deny from all
# Allow from xxx.xxx.xxx.xxx

.htaccess.2.4:

## Deny All Access Except Yours
# Require all denied
# Require ip xxx.xxx.xxx.xxx

The explanation in the README is probably applicable to both of them.

@filhocodes
Copy link

For the authorization, this snippet can be used to handle both Apache 2.2 and 2.4

<IfModule authz_core_module>
    Require all denied
</IfModule>
<IfModule !authz_core_module>
    Deny from all
</IfModule>

But I think that if this repo's target public is the github users, and not you (@phanan), you should add snippets to both versions of apache. Since that's your repo, maybe you want to have only snippets that help you (not judging 😄)

@phanan
Copy link
Owner

phanan commented Feb 10, 2015

Since that's your repo, maybe you want to have only snippets that help you

Well if this was true, I would just write the "force www" snippet somewhere and stick to it, since it's like the only thing I really ever need...

Now while your snippet may work (I've not tested it), it's kinda redundant I'm afraid. A web master should always know his Apache version thus only needs the respective config.

@a1ee9b Won't this clutter the repo up too? Also, we may end up with redundant info having several files.

I'd love to follow the model of Front-end Job Interview Questions instead -- information is right there when you need it. Guess I'll stick with comments for now. Would be great if @msumpter and @JudeRosario could update the PRs accordingly. Thanks so much!

@msumpter
Copy link

Sorry I'm late back into this thread, I agree completely about breaking up the README too much with sub sections. Comments probably are the best way to go for clarity.

@lorepozo
Copy link
Contributor

You could have a 2.4 branch and a 2.2 branch, remove the master branch, and make 2.2 the default.

vlakoff added a commit to vlakoff/htaccess that referenced this issue Apr 9, 2015
vlakoff added a commit to vlakoff/htaccess that referenced this issue Apr 9, 2015
@vlakoff
Copy link
Contributor

vlakoff commented Apr 9, 2015

automatic recognition of #<digits>… sorry!

phanan added a commit that referenced this issue Apr 9, 2015
More precise source link for trailing slash removal rule #2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

7 participants