[NTLUG:Discuss] Apache under Debian
brian@pongonova.net
brian at pongonova.net
Sat Dec 22 21:22:45 CST 2001
Debian apache package question:
The Debian apache package seems to stray somewhat from the "stock" apache
distribution, especially in the way .conf files are handled. The stock distro
recommends placing all directives in httpd.conf to "avoid confusion," leaving
access.conf and srm.conf essentially empty (this is the way I've always configured
apache). The Debian package, OTOH, has split the original httpd.conf into both
access.conf and srm.conf files.
I've also noticed the Debian package has all directories under the DocumentRoot
accessible by all by default, whereas apache is careful to deny access to all by
default. This seems like a security issue to me, and it has me wondering what else
the Debian package maintainer has changed from the stock distribution...anything in
particular I need to look for in this regard (relaxed security)?
The more I play with Debian, the more unimpressed I become...
--Brian
More information about the Discuss
mailing list