Home / server / Questions / 697993
In Process
Stefan Kendall
Asked: 2015-06-11 07:19:41 +0800 CST

Apache2 LocationMatch allow an index for login but nothing else?

  • 772

I want to allow /myapp and /myapp/ but disallow everything else. How do I configure this? I tried this:

<LocationMatch "^/myapp/.+$">
LDAP here
</LocationMatch>

Which I would assume would NOT hit /myapp or /myapp/, but it appears that captures those URLs as well.

If I do 

<LocationMatch "^/myapp/specificsubdirectory/.*$">
LDAP here
</LocationMatch>

Then this works, but I want to block off all specific subdirectories in the app.

apache-2.4

2 Answers

  1. DirectoryIndex is applied before LocationMatch, rewriting the location to end with the directory index file (index.html, index.php and so on). Your pattern 

    ^/myapp/.+$

    matches, because it's actually applied to 

    /myapp/index.html
    • 0

  2. The regular expression is wrong. Try a pcretest(1):

    $ pcretest
PCRE version 8.37 2015-04-28

  re> /^\/myapp\/.+$/
data> /myapp
No match
data> /myapp/
No match
data>
  re> /^\/myapp(|\/)$/
data> /myapp
 0: /myapp
 1:
data> /myapp/
 0: /myapp/
 1: /
data> /myapp/foo
No match

    So a working <LocationMatch> directive would be:

    <LocationMatch "^/myapp(|/)$">
    • -1