[#30649] - Syntax Error in preconfigured htaccess.txt file
- Closed
- 16 Sep 2020
- Critical
- Build: All
- # 30649
Steps to reproduce the issue
Preconfigured htaccess.txt has an important security error, the following is wrong:
<IfModule autoindex>
Expected result
Please correct to:
<IfModule mod_autoindex.c>
Actual result
IndexIgnore *
-> never executed!!
System information (as much as possible)
All apache web servers
Additional comments
Please update also documentation:
https://docs.joomla.org/Preconfigured_htaccess
joomla-cms-bot
- 
@otpfiste Are you sure that it is a syntax error?
According to https://httpd.apache.org/docs/trunk/en/mod/core.html#ifmodule both is possible, use the module identifier or the file name:
The module argument can be either the module identifier or the file name of the module, at the time it was compiled. For example, rewrite_module is the identifier and mod_rewrite.c is the file name.
Hmm, but according to https://httpd.apache.org/docs/2.4/mod/mod_autoindex.html, the module identifier is "autoindex_module" and not just "autoindex", so that could really be a problem.
Before reporting I tested it with just "autoindex" and it's not working. I suggest to change it to the more common module-file form like the other IfModule directives in htaccess.txt.
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30649.
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2020-09-16 06:36:38 |
| Closed_By | ⇒ | SharkyKZ |
https://github.com/joomla/joomla-cms/security/policy