From: Joshua Slive <slive@apache.org>
Date: Sat, 19 Jan 2002 17:39:48 +0000 (+0000)
Subject: This example doesn't really do what it claims.  Instead, lets make it simpler
X-Git-Tag: 2.0.31~143
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fc561db10644a51486df0f2ba8373c24bcff6854;p=apache

This example doesn't really do what it claims.  Instead, lets make it simpler
by discussing ONLY the .htaccess issue.  The other issue is covered by the
next example.

PR: 9523


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92933 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/misc/security_tips.html b/docs/manual/misc/security_tips.html
index 5312228aad..a0910dc62e 100644
--- a/docs/manual/misc/security_tips.html
+++ b/docs/manual/misc/security_tips.html
@@ -201,22 +201,20 @@
     <p>To run a really tight ship, you'll want to stop users from
     setting up <code>.htaccess</code> files which can override
     security features you've configured. Here's one way to do
-    it...</p>
+    it.</p>
 
     <p>In the server configuration file, put</p>
 
     <blockquote>
       <code>&lt;Directory /&gt;<br />
        AllowOverride None<br />
-       Options None<br />
-       Allow from all<br />
        &lt;/Directory&gt;<br />
       </code>
     </blockquote>
     Then setup for specific directories
 
-    <p>This stops all overrides, Includes and accesses in all
-    directories apart from those named.</p>
+    <p>This prevents the use of <code>.htaccess</code> files in all
+    directories apart from those specifically enabled.</p>
     <hr />
 
     <h2><a id="protectserverfiles" name="protectserverfiles">