Apache httpd.conf directory security wildcard?

Trying to apply the same security via httpd.conf to a directory and all sub-directories.

<Directory /srv/www/htdocs/subdirectory > only applies to that directory. I can’t seem to find anywhere that states how to apply this to sub directories. Currently the rule is limiting access by IP address and it working correctly for the top level directory.

troykent wrote:
> Trying to apply the same security via httpd.conf to a directory and all
> sub-directories.
>
> <Directory /srv/www/htdocs/subdirectory > only applies to that
> directory.

That statement is not correct.
http://httpd.apache.org/docs/2.2/mod/core.html#directory

> I can’t seem to find anywhere that states how to apply this
> to sub directories.

Which is why you can’t find any information to the contrary.

> Currently the rule is limiting access by IP address
> and it working correctly for the top level directory.

So you clearly have some other problem. Perhaps you’d like to explain
more about:
(1) what your system looks like
(2) what you’re trying to do
(3) how you’ve configured it to do that and why you think it should work
(4) what exactly is going wrong

As always, please provide computer output, properly quoted. In this
case, include error log output for accesses that you claim are not working.

I fixed the issue. One of my developers had put the code below to allow .htaccess files to function (but didn’t change the AllowOverride) for our root directory or the dev folder. Once I commented this out the directive for our dev folder was propogated down to it’s subfolders correctly.
I guess I’m curious why that fixed the issue? To explain our setup, under the root for the web (htdocs) we have a dev folder that we want limited to internal IP’s only. However because of the code below we had to create a <Directory> entry for each sub folder of dev to maintain the correct access. Otherwise we got a 403 on those sub folders.

AccessFileName .htaccess
 and never show them
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

All of this started because our host solution screwed up our PHP.ini and we had to switch to our internal server as a last resort. So now I’m getting a crash course in Apache. We are looking for a new host. I don’t mind punching a hole in the firewall for the NAT translation but I’d rather now trust our single ISP and disk… to many single points of failure.

DJH-Novell - thanks for taking the time to help me out. It is appreciated.

troykent wrote:
> I fixed the issue.

Glad to hear that.

> I guess I’m curious why that fixed the issue?

I don’t know that specific answer, I’m afraid.

> To explain our setup, under the root for the web (htdocs) we have a
> dev folder that we want limited to internal IP’s only.

That sounds like a fairly fragile solution. I would try a different
solution. Perhaps:

(1) find a different box to run the dev service
(2) run the dev service as a separate vhost / port
(3) make the dev file tree separate from the production one, rather than
a subdirectory (use apache directives to map)

> So now I’m getting a crash course in Apache.

Apache’s generally pretty good. The documentation is fairly complete and
accurate, once you find the correct section. Plus there are lots of
how-tos etc to answer particular queries and help you locate the correct
section.

Cheers, Dave