Project

General

Profile

Feature #1421

access_allow directive for lighttpd

Added by japc over 9 years ago. Updated about 1 year ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
mod_access
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Missing in 1.5.x:

Description

Patch to add an access_allow directive to lighttpd where everything not
listed is denied (usefull, for instance to only allow, .jpg, .gif, on
static servers, blocking that way the .inc, .conf, .php, .php~, etc. that
may me lurking).

The patch is as simple as it can get and is not intrusive in any way.

It would be nice not having to patch lighttpd in each upgrade and it may
be useful to someone else.

lighttpd-1.4.16-access_allow.diff (2.63 KB) lighttpd-1.4.16-access_allow.diff lighttpd-1.4.16-access_allow.diff japc, 2008-06-05 15:13
lighttpd-1.4.19-access_allow.diff (2.63 KB) lighttpd-1.4.19-access_allow.diff lighttpd-1.4.19-access_allow.diff japc, 2008-06-05 15:15

Related issues

Related to Feature #1682: access_allow directive for lighttpd 1.5.0Obsolete

Associated revisions

Revision ce7d040b (diff)
Added by gstrauss about 1 year ago

[mod_access] new directive url.access-allow (fixes #1421)

url.access-allow is list of allowed url suffixes (e.g. file extensions)
If url.access-allow has been set, then deny any URL that does not match
the explicitly listed suffixes.

(thx japc)

x-ref:
"access_allow directive for lighttpd"
https://redmine.lighttpd.net/issues/1421

History

#1 Updated by gstrauss about 1 year ago

  • Description updated (diff)
  • Assignee deleted (jan)
  • Target version changed from 1.5.0 to 1.4.x

#2 Updated by gstrauss about 1 year ago

  • Status changed from New to Patch Pending
  • Target version changed from 1.4.x to 1.4.40

#3 Updated by gstrauss about 1 year ago

  • Status changed from Patch Pending to Fixed
  • % Done changed from 0 to 100

#4 Updated by gstrauss about 1 year ago

  • Related to Feature #1682: access_allow directive for lighttpd 1.5.0 added

Also available in: Atom