From: Vincent Deffontaines <gryzor@apache.org>
Date: Tue, 2 Nov 2010 13:40:27 +0000 (+0000)
Subject: Porting previous commit on 2.2 doc, with a not about why .htaccess is bad when you... 
X-Git-Tag: 2.3.9~185
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=40809271aed2e1b88dc5bc33ce77402464058f8e;p=apache

Porting previous commit on 2.2 doc, with a not about why .htaccess is bad when you have access to main server config.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1030041 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/howto/htaccess.html.en b/docs/manual/howto/htaccess.html.en
index 496281a7e1..37207d0625 100644
--- a/docs/manual/howto/htaccess.html.en
+++ b/docs/manual/howto/htaccess.html.en
@@ -40,6 +40,9 @@ changes on a per-directory basis.</p>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="related" id="related">.htaccess files</a></h2>
+    <div class="note">You should avoid using <code>.htaccess</code> files completely if you have access to
+    httpd main server config file. Using <code>.htaccess</code> files slows down your Apache server.
+    Any directive that you can include in a <code>.htaccess</code> file is better set in a <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> block, as it will have the same effect with better performance.</div>
     <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/core.html">core</a></code></li><li><code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code></li><li><code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code></li><li><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code></li><li><code class="module"><a href="../mod/mod_include.html">mod_include</a></code></li><li><code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#accessfilename">AccessFileName</a></code></li><li><code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code></li><li><code class="directive"><a href="../mod/core.html#sethandler">SetHandler</a></code></li><li><code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code></li><li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li><li><code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code></li><li><code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code></li><li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li></ul></td></tr></table>
 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
@@ -103,7 +106,7 @@ changes on a per-directory basis.</p>
     <p>In general, you should only use <code>.htaccess</code> files when
     you don't have access to the main server configuration file. There is,
     for example, a common misconception that user authentication should
-    always be done in <code>.htaccess</code> files, and, in more recent years, 
+    always be done in <code>.htaccess</code> files, and, in more recent years,
     another miscomception that <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> directives
     must go in <code>.htaccess</code> files. This is simply not the
     case. You can put user authentication configurations in the main server
@@ -124,7 +127,7 @@ changes on a per-directory basis.</p>
     <p>However, in general, use of <code>.htaccess</code> files should be
     avoided when possible. Any configuration that you would consider
     putting in a <code>.htaccess</code> file, can just as effectively be
-    made in a <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> section in your main server 
+    made in a <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> section in your main server
     configuration file.</p>
 
     <p>There are two main reasons to avoid the use of
@@ -397,7 +400,7 @@ Options +IncludesNoExec -ExecCGI<br />
     a level sufficient for the directive you've used. Consult the
     documentation for that particular directive to determine which is
     the case.</p>
-    
+
     <p>Alternately, it may tell you that you had a syntax error in your
     usage of the directive itself.</p>
 
diff --git a/docs/manual/howto/htaccess.xml b/docs/manual/howto/htaccess.xml
index 27cf03bbee..80aa013c5f 100644
--- a/docs/manual/howto/htaccess.xml
+++ b/docs/manual/howto/htaccess.xml
@@ -31,6 +31,9 @@ changes on a per-directory basis.</p>
 </summary>
 
 <section id="related"><title>.htaccess files</title>
+    <note>You should avoid using <code>.htaccess</code> files completely if you have access to
+    httpd main server config file. Using <code>.htaccess</code> files slows down your Apache server.
+    Any directive that you can include in a <code>.htaccess</code> file is better set in a <directive module="core">Directory</directive> block, as it will have the same effect with better performance.</note>
     <related>
         <modulelist>
             <module>core</module>
@@ -125,7 +128,7 @@ changes on a per-directory basis.</p>
     <p>In general, you should only use <code>.htaccess</code> files when
     you don't have access to the main server configuration file. There is,
     for example, a common misconception that user authentication should
-    always be done in <code>.htaccess</code> files, and, in more recent years, 
+    always be done in <code>.htaccess</code> files, and, in more recent years,
     another miscomception that <module>mod_rewrite</module> directives
     must go in <code>.htaccess</code> files. This is simply not the
     case. You can put user authentication configurations in the main server
@@ -147,13 +150,13 @@ changes on a per-directory basis.</p>
     avoided when possible. Any configuration that you would consider
     putting in a <code>.htaccess</code> file, can just as effectively be
     made in a <directive module="core"
-    type="section">Directory</directive> section in your main server 
+    type="section">Directory</directive> section in your main server
     configuration file.</p>
 
     <p>There are two main reasons to avoid the use of
     <code>.htaccess</code> files.</p>
 
-    <p>The first of these is performance. When <directive 
+    <p>The first of these is performance. When <directive
     module="core">AllowOverride</directive>
     is set to allow the use of <code>.htaccess</code> files, Apache will
     look in every directory for <code>.htaccess</code> files. Thus,
@@ -309,7 +312,7 @@ Options +IncludesNoExec -ExecCGI<br />
 &lt;/Location&gt;
     </example>
 
-    <note>This example assumes that your <directive 
+    <note>This example assumes that your <directive
     module="core">DocumentRoot</directive> is <code>/www/htdocs</code>.</note>
 </section>
 
@@ -325,7 +328,7 @@ Options +IncludesNoExec -ExecCGI<br />
     in a <directive module="core" type="section">Directory</directive>
     section, in your main server configuration file, is the preferred way
     to implement this, and <code>.htaccess</code> files should be used only
-    if you don't have access to the main server configuration file. See <a 
+    if you don't have access to the main server configuration file. See <a
     href="#when">above</a> for a discussion of when you should and should
     not use <code>.htaccess</code> files.</p>
 
@@ -430,7 +433,7 @@ Options +IncludesNoExec -ExecCGI<br />
     a level sufficient for the directive you've used. Consult the
     documentation for that particular directive to determine which is
     the case.</p>
-    
+
     <p>Alternately, it may tell you that you had a syntax error in your
     usage of the directive itself.</p>