From e8c29d9273f9edac2f124e9100c6d661df88adfb Mon Sep 17 00:00:00 2001 From: Daniel Gruno Date: Wed, 25 Apr 2012 13:11:40 +0000 Subject: [PATCH] Add highlighting for howto/ git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1330260 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/howto/access.html.en | 38 ++++--- docs/manual/howto/access.xml | 34 +++--- docs/manual/howto/auth.html.en | 155 +++++++++++++------------- docs/manual/howto/auth.xml | 144 +++++++++++------------- docs/manual/howto/cgi.html.fr | 2 + docs/manual/howto/htaccess.html.en | 53 ++++----- docs/manual/howto/htaccess.xml | 48 ++++---- docs/manual/howto/public_html.html.en | 36 +++--- docs/manual/howto/public_html.xml | 30 ++--- docs/manual/howto/ssi.html.en | 15 ++- docs/manual/howto/ssi.xml | 12 +- 11 files changed, 279 insertions(+), 288 deletions(-) diff --git a/docs/manual/howto/access.html.en b/docs/manual/howto/access.html.en index 24c14ff7fa..154821d0d2 100644 --- a/docs/manual/howto/access.html.en +++ b/docs/manual/howto/access.html.en @@ -68,10 +68,11 @@

The usage of these directives is:

-

- Require host address
+ 

+      Require host address
       Require ip ip.address
-
+ +

In the first form, address is a fully qualified domain name (or a partial domain name); you may provide multiple @@ -105,11 +106,12 @@

And, if you'd like to block access from an entire domain, you can specify just part of an address or domain name:

-

- Require not ip 192.168.205
- Require not host phishers.example.com moreidiots.example
+ 

+      Require not ip 192.168.205
+      Require not host phishers.example.com moreidiots.example
       Require not gov
-
+ +

Use of the RequireAll, RequireAny, and RequireNone directives may be used to enforce more complex sets of requirements.

@@ -124,13 +126,12 @@ based on user-agent (the browser type) you might do the following:

-

- <If "%{HTTP_USER_AGENT} = 'BadBot'">
- - Require All Denied
- + 

+    <If "%{HTTP_USER_AGENT} = 'BadBot'">
+        Require All Denied
     </If>
-
+ +

Warning:

Access control by User-Agent is an unreliable technique, @@ -153,12 +154,13 @@

For example, if you wish to block access to a resource between 8pm and 6am, you can do this using mod_rewrite.

-

- RewriteEngine On
- RewriteCond %{TIME_HOUR} >20 [OR]
- RewriteCond %{TIME_HOUR} <07
+ 

+    RewriteEngine On
+    RewriteCond %{TIME_HOUR} >20 [OR]
+    RewriteCond %{TIME_HOUR} <07
     RewriteRule ^/fridge - [F]
-
+ +

This will return a 403 Forbidden response for any request after 8pm or before 7am. This technique can be used for any criteria that you wish diff --git a/docs/manual/howto/access.xml b/docs/manual/howto/access.xml index fe386be2aa..62ffd60075 100644 --- a/docs/manual/howto/access.xml +++ b/docs/manual/howto/access.xml @@ -67,10 +67,10 @@

The usage of these directives is:

- - Require host address
+ + Require host address Require ip ip.address - +

In the first form, address is a fully qualified domain name (or a partial domain name); you may provide multiple @@ -104,11 +104,11 @@

And, if you'd like to block access from an entire domain, you can specify just part of an address or domain name:

- - Require not ip 192.168.205
- Require not host phishers.example.com moreidiots.example
+ + Require not ip 192.168.205 + Require not host phishers.example.com moreidiots.example Require not gov - +

Use of the RequireAll, - - <If "%{HTTP_USER_AGENT} = 'BadBot'">
- - Require All Denied
- + + <If "%{HTTP_USER_AGENT} = 'BadBot'"> + Require All Denied </If> - + Warning:

Access control by User-Agent is an unreliable technique, @@ -156,12 +154,12 @@

For example, if you wish to block access to a resource between 8pm and 6am, you can do this using mod_rewrite.

- - RewriteEngine On
- RewriteCond %{TIME_HOUR} >20 [OR]
- RewriteCond %{TIME_HOUR} <07
+ + RewriteEngine On + RewriteCond %{TIME_HOUR} >20 [OR] + RewriteCond %{TIME_HOUR} <07 RewriteRule ^/fridge - [F] - +

This will return a 403 Forbidden response for any request after 8pm or before 7am. This technique can be used for any criteria that you wish diff --git a/docs/manual/howto/auth.html.en b/docs/manual/howto/auth.html.en index c069f5c898..21aa5daea4 100644 --- a/docs/manual/howto/auth.html.en +++ b/docs/manual/howto/auth.html.en @@ -142,9 +142,10 @@ module from each group.

an AllowOverride directive like the following:

-

+ 

       AllowOverride AuthConfig
-
+ +

Or, if you are just going to put the directives directly in your main server configuration file, you will of course need to @@ -216,14 +217,15 @@ module from each group.

placed in httpd.conf inside a <Directory /usr/local/apache/htdocs/secret> section.

-

- AuthType Basic
- AuthName "Restricted Files"
- # (Following line optional)
- AuthBasicProvider file
- AuthUserFile /usr/local/apache/passwd/passwords
+ 

+      AuthType Basic
+      AuthName "Restricted Files"
+      # (Following line optional)
+      AuthBasicProvider file
+      AuthUserFile /usr/local/apache/passwd/passwords
       Require user rbowen
-
+ +

Let's examine each of those directives individually. The AuthType directive selects that method that is used to authenticate the user. The most @@ -313,15 +315,16 @@ person in

Now, you need to modify your .htaccess file to look like the following:

-

- AuthType Basic
- AuthName "By Invitation Only"
- # Optional line:
- AuthBasicProvider file
- AuthUserFile /usr/local/apache/passwd/passwords
- AuthGroupFile /usr/local/apache/passwd/groups
+ 

+      AuthType Basic
+      AuthName "By Invitation Only"
+      # Optional line:
+      AuthBasicProvider file
+      AuthUserFile /usr/local/apache/passwd/passwords
+      AuthGroupFile /usr/local/apache/passwd/groups
       Require group GroupName
-
+ +

Now, anyone that is listed in the group GroupName, and has an entry in the password file, will be let in, if @@ -379,17 +382,16 @@ person in

To select a dbd file rather than a text file, for example:

-

- <Directory /www/docs/private>
- - AuthName "Private"
- AuthType Basic
- AuthBasicProvider dbm
- AuthDBMUserFile /www/passwords/passwd.dbm
- Require valid-user
- + 

+    <Directory /www/docs/private>
+        AuthName "Private"
+        AuthType Basic
+        AuthBasicProvider dbm
+        AuthDBMUserFile /www/passwords/passwd.dbm
+        Require valid-user
     </Directory>
-
+ +

Other options are available. Consult the mod_authn_dbm documentation for more details.

@@ -404,18 +406,17 @@ person in scheme that meets your needs. In the following example, both the file and LDAP based authentication providers are being used.

-

- <Directory /www/docs/private>
- - AuthName "Private"
- AuthType Basic
- AuthBasicProvider file ldap
- AuthUserFile /usr/local/apache/passwd/passwords
- AuthLDAPURL ldap://ldaphost/o=yourorg
- Require valid-user
- + 

+    <Directory /www/docs/private>
+        AuthName "Private"
+        AuthType Basic
+        AuthBasicProvider file ldap
+        AuthUserFile /usr/local/apache/passwd/passwords
+        AuthLDAPURL ldap://ldaphost/o=yourorg
+        Require valid-user
     </Directory>
-
+ +

In this example the file provider will attempt to authenticate the user first. If it is unable to authenticate the user, the LDAP @@ -430,20 +431,19 @@ person in authorization methods can also be used. In this example both file group authorization as well as LDAP group authorization is being used.

-

- <Directory /www/docs/private>
- - AuthName "Private"
- AuthType Basic
- AuthBasicProvider file
- AuthUserFile /usr/local/apache/passwd/passwords
- AuthLDAPURL ldap://ldaphost/o=yourorg - AuthGroupFile /usr/local/apache/passwd/groups
- Require group GroupName
- Require ldap-group cn=mygroup,o=yourorg
- + 

+    <Directory /www/docs/private>
+        AuthName "Private"
+        AuthType Basic
+        AuthBasicProvider file
+        AuthUserFile /usr/local/apache/passwd/passwords
+        AuthLDAPURL ldap://ldaphost/o=yourorg
+        AuthGroupFile /usr/local/apache/passwd/groups
+        Require group GroupName
+        Require ldap-group cn=mygroup,o=yourorg
     </Directory>
-
+ +

To take authorization a little further, authorization container directives such as @@ -521,16 +521,18 @@ person in that will be called during the authorization stage of the request processing. For example:

-

+ 

           Require ip address
-
+ +

where address is an IP address (or a partial IP address) or:

-

+ 

           Require host domain_name
-
+ +

where domain_name is a fully qualified domain name (or a partial domain name); you may provide multiple addresses or @@ -540,45 +542,40 @@ person in board, and you want to keep them out, you could do the following:

-

+ 

           <RequireAll>
-          
-            Require all granted

+            Require all granted
             Require not ip 10.252.46.165
-          
           </RequireAll>
-
+ +

Visitors coming from that address will not be able to see the content covered by this directive. If, instead, you have a machine name, rather than an IP address, you can use that.

-

+ 

           <RequireAll>
-          
-            Require all granted

+            Require all granted
             Require not host host.example.com
-          
           </RequireAll>
-
+ +

And, if you'd like to block access from an entire domain, you can specify just part of an address or domain name:

-

- <RequireAll> - - Require all granted
- <RequireNone> - - Require ip 192.168.205
- Require host phishers.example.com moreidiots.example
- Require host ke - - </RequireNone> - - </RequireAll> -

+ 
+  <RequireAll>
+    Require all granted
+    <RequireNone>
+      Require ip 192.168.205
+      Require host phishers.example.com moreidiots.example
+      Require host ke
+    </RequireNone>
+  </RequireAll>
+
+

The above example uses the <RequireNone> directive to make sure that none of the diff --git a/docs/manual/howto/auth.xml b/docs/manual/howto/auth.xml index 1c8c019e53..01e139818c 100644 --- a/docs/manual/howto/auth.xml +++ b/docs/manual/howto/auth.xml @@ -127,9 +127,9 @@ module from each group.

an AllowOverride directive like the following:

- + AllowOverride AuthConfig - +

Or, if you are just going to put the directives directly in your main server configuration file, you will of course need to @@ -201,14 +201,14 @@ module from each group.

placed in httpd.conf inside a <Directory /usr/local/apache/htdocs/secret> section.

- - AuthType Basic
- AuthName "Restricted Files"
- # (Following line optional)
- AuthBasicProvider file
- AuthUserFile /usr/local/apache/passwd/passwords
+ + AuthType Basic + AuthName "Restricted Files" + # (Following line optional) + AuthBasicProvider file + AuthUserFile /usr/local/apache/passwd/passwords Require user rbowen - +

Let's examine each of those directives individually. The AuthType directive selects @@ -305,15 +305,15 @@ person in

Now, you need to modify your .htaccess file to look like the following:

- - AuthType Basic
- AuthName "By Invitation Only"
- # Optional line:
- AuthBasicProvider file
- AuthUserFile /usr/local/apache/passwd/passwords
- AuthGroupFile /usr/local/apache/passwd/groups
+ + AuthType Basic + AuthName "By Invitation Only" + # Optional line: + AuthBasicProvider file + AuthUserFile /usr/local/apache/passwd/passwords + AuthGroupFile /usr/local/apache/passwd/groups Require group GroupName - +

Now, anyone that is listed in the group GroupName, and has an entry in the password file, will be let in, if @@ -372,17 +372,15 @@ person in

To select a dbd file rather than a text file, for example:

- - <Directory /www/docs/private>
- - AuthName "Private"
- AuthType Basic
- AuthBasicProvider dbm
- AuthDBMUserFile /www/passwords/passwd.dbm
- Require valid-user
- + + <Directory /www/docs/private> + AuthName "Private" + AuthType Basic + AuthBasicProvider dbm + AuthDBMUserFile /www/passwords/passwd.dbm + Require valid-user </Directory> - +

Other options are available. Consult the mod_authn_dbm documentation for more details.

@@ -397,18 +395,16 @@ person in scheme that meets your needs. In the following example, both the file and LDAP based authentication providers are being used.

- - <Directory /www/docs/private>
- - AuthName "Private"
- AuthType Basic
- AuthBasicProvider file ldap
- AuthUserFile /usr/local/apache/passwd/passwords
- AuthLDAPURL ldap://ldaphost/o=yourorg
- Require valid-user
- + + <Directory /www/docs/private> + AuthName "Private" + AuthType Basic + AuthBasicProvider file ldap + AuthUserFile /usr/local/apache/passwd/passwords + AuthLDAPURL ldap://ldaphost/o=yourorg + Require valid-user </Directory> - +

In this example the file provider will attempt to authenticate the user first. If it is unable to authenticate the user, the LDAP @@ -423,20 +419,18 @@ person in authorization methods can also be used. In this example both file group authorization as well as LDAP group authorization is being used.

- - <Directory /www/docs/private>
- - AuthName "Private"
- AuthType Basic
- AuthBasicProvider file
- AuthUserFile /usr/local/apache/passwd/passwords
- AuthLDAPURL ldap://ldaphost/o=yourorg - AuthGroupFile /usr/local/apache/passwd/groups
- Require group GroupName
- Require ldap-group cn=mygroup,o=yourorg
- + + <Directory /www/docs/private> + AuthName "Private" + AuthType Basic + AuthBasicProvider file + AuthUserFile /usr/local/apache/passwd/passwords + AuthLDAPURL ldap://ldaphost/o=yourorg + AuthGroupFile /usr/local/apache/passwd/groups + Require group GroupName + Require ldap-group cn=mygroup,o=yourorg </Directory> - +

To take authorization a little further, authorization container directives such as @@ -514,16 +508,16 @@ person in that will be called during the authorization stage of the request processing. For example:

- + Require ip address - +

where address is an IP address (or a partial IP address) or:

- + Require host domain_name - +

where domain_name is a fully qualified domain name (or a partial domain name); you may provide multiple addresses or @@ -533,45 +527,37 @@ person in board, and you want to keep them out, you could do the following:

- + <RequireAll> - - Require all granted
+ Require all granted Require not ip 10.252.46.165 - </RequireAll> - +

Visitors coming from that address will not be able to see the content covered by this directive. If, instead, you have a machine name, rather than an IP address, you can use that.

- + <RequireAll> - - Require all granted
+ Require all granted Require not host host.example.com - </RequireAll> - +

And, if you'd like to block access from an entire domain, you can specify just part of an address or domain name:

- - <RequireAll> - - Require all granted
- <RequireNone> - - Require ip 192.168.205
- Require host phishers.example.com moreidiots.example
- Require host ke - - </RequireNone> - - </RequireAll> - + + <RequireAll> + Require all granted + <RequireNone> + Require ip 192.168.205 + Require host phishers.example.com moreidiots.example + Require host ke + </RequireNone> + </RequireAll> +

The above example uses the RequireNone directive diff --git a/docs/manual/howto/cgi.html.fr b/docs/manual/howto/cgi.html.fr index ca77ea36e0..161c523740 100644 --- a/docs/manual/howto/cgi.html.fr +++ b/docs/manual/howto/cgi.html.fr @@ -26,6 +26,8 @@  ja  |  ko 

+
Cette traduction peut être périmée. Vérifiez la version + anglaise pour les changements récents.