httpd.conf and directory index

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view

httpd.conf and directory index

Markus Rosjat
hi there,

I can't get it around my head how this should work if different
locations have diffrent index files.

so I have a config like so:

server "domain.tld" {
         alias "*.domain.tld"

         listen on $ext_addr tls port https

         log error "domain_ssl_error"
         log access "domain_ssl_access"

         tls {
             certificate "/etc/ssl/web/domain.fullchain.pem"
             key "/etc/ssl/web/keys/domain.key"

         root "/htdocs/domain.tld"
         directory { index index.html }

         location "/admin/*" {
             directory { index index.php }
             fastcgi socket "/run/php-fpm.sock"

             authenticate with "../domain_passwd"

         directory { index index.html }

         location "*.php" {
            fastcgi socket "/run/php-fpm.sock"


So this makes the site browsable and it works with the php scripts. So
now I expect that when I request https://domain.tld/admin/ I would get
the index.php loaded after I authenticated but I get a 404
On the other hand https://domain.tld/admin/index.php works fine.

Since the rules get evaluated top to bottom and stoping at first match I
should work because the second directory statement seems to work just
fine and it gets evaluated after the first location statement.

but well even the authenticate statement is, just in my opinion, wrong
on so many lvls and it also works ...

could someone that is more skilled in httpd.conf give me some insight here?


Markus Rosjat    fon: +49 351 8107223    mail: [hidden email]

G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden
fon: +49 351 8107220   fax: +49 351 8107227

Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before
you print it, think about your responsibility and commitment to the

Reply | Threaded
Open this post in threaded view

Re: httpd.conf and directory index

Michael Hekeler

> Since the rules get evaluated top to bottom and stoping at first
> match

If this is true (which I don´t know - where did you get this
information?) then httpd would stop at line 15 and would try to find
index.html. So the request "https://domain.tld/admin/" will try
"https://domain.tld/admin/index.html" which isn´t available.

I would try the following:

1. don´t use  directory { index index.html }
   because index.html is the default  -  see httpd.conf(5)

2. in your conf file: delete lines 15, 18 and 24

3. delete this: location "/admin/*" { ... }

4. add to the server block (not in location):
     directory { index "index.php" }
     (enclose string values in double quotes)

5. add the authenticate directive to the server (not the location)

Something like this:

server ... {
  listen on $ext_if tls port 443
  authenticate with "..."
  log { ... }
  tls { ... }
  directory { index "index.php" }
  location "*.php" { fastcgi socket "/run/php-fpm.sock" }
  location "/noauth*" { no authenticate }
  root "..."