If you are running Apache >= 2.4 the new authentication scheme should be used. This can be done mostly by
Should be changed to
Same goes for all apache conf files like httpd-directories-*.conf
See here for more info:
- http://httpd.apache.org/docs/2.4/upgrading.html
- https://www.apachelounge.com/viewtopic.php?p=28631#28631
Issue 2:
Also, Currently the httpd-directories-*.conf are too restrictive. For example currently there is a <Limit GET POST PROPFIND> which totally eliminates the DELETE and PUT methods, used by for example OwnCloud software.
My httpd-directories-*.conf are now looking like this:
Which works in my setup.
Code:
echo ' Order allow,deny' >> ${HOSTCONF}
echo ' Allow from all' >> ${HOSTCONF}Should be changed to
Code:
echo ' Require all granted' >> ${HOSTCONF}Same goes for all apache conf files like httpd-directories-*.conf
See here for more info:
- http://httpd.apache.org/docs/2.4/upgrading.html
- https://www.apachelounge.com/viewtopic.php?p=28631#28631
Issue 2:
Also, Currently the httpd-directories-*.conf are too restrictive. For example currently there is a <Limit GET POST PROPFIND> which totally eliminates the DELETE and PUT methods, used by for example OwnCloud software.
My httpd-directories-*.conf are now looking like this:
Code:
<Directory />
Options SymLinksIfOwnerMatch
AllowOverride None
[B]Require all granted[/B]
</Directory>
<Directory /home>
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,IncludesNOEXEC,Indexes,ExecCGI,MultiViews,SymLinksIfOwnerMatch,None
Options IncludesNoExec Includes SymLinksIfOwnerMatch ExecCGI
</Directory>
Include /etc/httpd/conf/extra/httpd-hostname.conf
<Directory /var/www/cgi-bin>
AllowOverride None
Options None
</Directory>Which works in my setup.