From 5dce0db661bb3fac9f80df15af39e6beba37b7e2 Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Mon, 2 Mar 2015 20:25:41 +0100 Subject: [PATCH] dont create 'require all granted' if the directory is protected by a customer (htaccess), fixes #1455 (again); thx to Laryllian Signed-off-by: Michael Kaufmann (d00p) --- .../jobs/cron_tasks.inc.http.15.apache_fcgid.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php b/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php index 1a3042c4..d21c6baf 100644 --- a/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php +++ b/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php @@ -58,7 +58,12 @@ class apache_fcgid extends apache $php_options_text.= ' ' . "\n"; // >=apache-2.4 enabled? if (Settings::Get('system.apache24') == '1') { - $php_options_text.= ' Require all granted' . "\n"; + $mypath_dir = new frxDirectory($domain['documentroot']); + // only create the require all granted if there is not active directory-protection + // for this path, as this would be the first require and therefore grant all access + if ($mypath_dir->isUserProtected() == false) { + $php_options_text.= ' Require all granted' . "\n"; + } } else { $php_options_text.= ' Order allow,deny' . "\n"; $php_options_text.= ' allow from all' . "\n"; @@ -90,7 +95,12 @@ class apache_fcgid extends apache $php_options_text.= ' ' . "\n"; // >=apache-2.4 enabled? if (Settings::Get('system.apache24') == '1') { - $php_options_text.= ' Require all granted' . "\n"; + $mypath_dir = new frxDirectory($domain['documentroot']); + // only create the require all granted if there is not active directory-protection + // for this path, as this would be the first require and therefore grant all access + if ($mypath_dir->isUserProtected() == false) { + $php_options_text.= ' Require all granted' . "\n"; + } } else { $php_options_text.= ' Order allow,deny' . "\n"; $php_options_text.= ' allow from all' . "\n";