.htaccess not honoured anymore

Hi,

I recently enabled access control on all folders of my apache server by
adding the following section:


AuthzLDAPAuthoritative off
AuthBasicProvider ldap
AuthType Basic
....

Require valid-user


The idea is that I can refine this for every folder by adding something
like:


Require ldap-group ...


without having to copy the other Auth... directives (which contain the
username and password for my LDAP server).

This works fine, however after doing this all .htaccess files in user's
homedirectories are being ignored.

Any ideas how to fix this?

Nico




------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess not honoured anymore

Hmm,

following the troubleshooting section on
http://httpd.apache.org/docs/2.2/howto/htaccess.html I put some garbage
in the .htaccess and got a server error. So the .htaccess is read,
however the 'require' directive doesn't seem to have any effect anymore?

Nico

On Wed, 2009-09-16 at 17:10 +0200, Nico De Ranter wrote:
> Hi,
>
> I recently enabled access control on all folders of my apache server by
> adding the following section:
>
>
> AuthzLDAPAuthoritative off
> AuthBasicProvider ldap
> AuthType Basic
> ...
>
> Require valid-user
>
>
> The idea is that I can refine this for every folder by adding something
> like:
>
>
> Require ldap-group ...
>
>
> without having to copy the other Auth... directives (which contain the
> username and password for my LDAP server).
>
> This works fine, however after doing this all .htaccess files in user's
> homedirectories are being ignored.
>
> Any ideas how to fix this?
>
> Nico
>
>
>
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org



------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess not honoured anymore

One more note: I grepped all the apache config files for
'allowoverride': all of them are either 'All' or 'None' (in which case
garbage in .htaccess shouldn't result in a server error as it won't be
read at all). So I'm sure .htaccess is read and no allowoverride
statement keeps me from using 'require', but it still doesn't work. Any
ideas what else may be wrong?

Nico

On Wed, 2009-09-16 at 17:51 +0200, Nico De Ranter wrote:
> Hmm,
>
> following the troubleshooting section on
> http://httpd.apache.org/docs/2.2/howto/htaccess.html I put some garbage
> in the .htaccess and got a server error. So the .htaccess is read,
> however the 'require' directive doesn't seem to have any effect anymore?
>
> Nico
>
> On Wed, 2009-09-16 at 17:10 +0200, Nico De Ranter wrote:
> > Hi,
> >
> > I recently enabled access control on all folders of my apache server by
> > adding the following section:
> >
> >
> > AuthzLDAPAuthoritative off
> > AuthBasicProvider ldap
> > AuthType Basic
> > ...
> >
> > Require valid-user
> >
> >
> > The idea is that I can refine this for every folder by adding something
> > like:
> >
> >
> > Require ldap-group ...
> >
> >
> > without having to copy the other Auth... directives (which contain the
> > username and password for my LDAP server).
> >
> > This works fine, however after doing this all .htaccess files in user's
> > homedirectories are being ignored.
> >
> > Any ideas how to fix this?
> >
> > Nico
> >
> >
> >
> >
> > ------------------------------------------------------------ ---------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > " from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org



------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess not honoured anymore

2009/9/16 Nico De Ranter :
> however the 'require' directive doesn't seem to have any effect anymore?

You're overriding it with your definition. A location
section overrides directives placed in .htaccess files, see
http://httpd.apache.org/docs/2.2/sections.html#mergin

Bob

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: .htaccess not honoured anymore

Doh, that explains a couple of things.

Thanks for the link!

Nico


On Wed, 2009-09-16 at 18:22 +0200, Bob Ionescu wrote:
> 2009/9/16 Nico De Ranter :
> > however the 'require' directive doesn't seem to have any effect anymore?
>
> You're overriding it with your definition. A location
> section overrides directives placed in .htaccess files, see
> http://httpd.apache.org/docs/2.2/sections.html#mergin
>
> Bob
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org



------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Industry Acceptable % of Timeout failures (502s)

--=_alternative 000C06AA8825763B_=
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

Hello, is there an industry standard for acceptable % of Timeout related=20
failures on one's website ?

We have a server farm of 3 Apache RP proxying almost everything to the=20
back-end content and app farms of about 40-50 servers. The user base is=20
small but fairly active (about 2.5mil hits per day & 17GB-20GB traffic=20
served from all RPs combined)

We have a current Timeout related 502 messages of about 0.3% of the total=20
successful hits (http 200). Is that on the high side or acceptable? If=20
there is an website about the same, please point me to it.

The reason I ask is that we are very short handed and we cannot go really=20
chasing the App or the content folks for every 502s getting logged.

regards
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=20
- -=20
JB


--=_alternative 000C06AA8825763B_=
Content-Type: text/html; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

Hello, is there an industry standard for
acceptable % of Timeout related failures on one's website ?

<=
font size=3D2 face=3D"sans-serif">We have a server farm of 3 Apache RP
proxying almost everything to the back-end content and app farms of about
40-50 servers. The user base is small but fairly active (about 2.5mil hits
per day & 17GB-20GB traffic served from all RPs combined)
>We have a current Timeout related 502
messages of about 0.3% of the total successful hits (http 200).  Is
that on the high side or acceptable? If there is an website about the same,
please point me to it.

The=
reason I ask is that we are very
short handed and we cannot go really chasing the App or the content folks
for every 502s getting logged.

rif">regards
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=
- - - - - -
- - -
JB

--=_alternative 000C06AA8825763B_=--