Bug 217850 - www/joomla3 update to apache2 of example config for joomla3
Summary: www/joomla3 update to apache2 of example config for joomla3
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Larry Rosenman
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-16 17:51 UTC by dirkx
Modified: 2017-03-18 03:13 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (ler)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description dirkx 2017-03-16 17:51:39 UTC
The example shown post install should be improved to something like:

  ### Add the AcceptPathInfo directive only for Apache 2.0.30 or later.
  Alias /joomla /usr/local/www/joomla3/
  AcceptPathInfo On

  AddHandler php5-script php
  DirectoryIndex    index.php

  <Directory /usr/local/www/joomla3>
      AllowOverride None
      Require all granted
  </Directory>

to match apaches new config auth.
Comment 1 Larry Rosenman freebsd_committer freebsd_triage 2017-03-16 19:32:31 UTC
Can you point me to definitive documentation on this?  Also, your suggestion is php5 centric, and will break php7+ (where the module name is php7_module). 

Thanks
Comment 2 dirkx 2017-03-16 19:45:08 UTC
That is a fair point - so perhaps best to leave the 'AddHandler' to the PHP port to install (or the user to do him/herself -- as it is not bad from a security perspective).

The crux its really the 'Require all granted' versus the 'Allow from All' in the previous take. 

As per https://httpd.apache.org/docs/trunk/mod/mod_authz_core.html -- the heading 'Require all says:

   Require all

   The all provider mimics the functionality that was previously provided by 
   the 'Allow from all' and 'Deny from all' directives. This provider can take 
   one of two arguments which are 'granted' or 'denied'. 

Not sure about the directory index; if one were very pedantic - one could move it inside the Directory; and even curtail the Options down None (and leave the Allow Override).
Comment 3 Larry Rosenman freebsd_committer freebsd_triage 2017-03-16 19:47:59 UTC
we still support apache22, so that requires the older syntax. 

When apache22 goes away, we can revisit this.
Comment 4 Larry Rosenman freebsd_committer freebsd_triage 2017-03-17 17:05:12 UTC
feedback from mat@:
Saying that you should add the AddHandler is a bad idea. It is not always true, many people use php through the fpm mechanism, this is why only the mod_php* ports tell you to add them.

I think I'll change the pkg-message to mention both syntaxes and what applies to which version.
Comment 5 commit-hook freebsd_committer freebsd_triage 2017-03-18 03:12:25 UTC
A commit references this bug:

Author: ler
Date: Sat Mar 18 03:11:56 UTC 2017
New revision: 436379
URL: https://svnweb.freebsd.org/changeset/ports/436379

Log:
  Update pkg message for apache 2.4 users for Apache 2.4's new security model.

  PR:	217850
  Submitted by: dirkx@webweaving.org
  Approved by:	adamw (mentor)
  Differential Revision:	https://reviews.freebsd.org/D10036

Changes:
  head/www/joomla3/Makefile
  head/www/joomla3/files/pkg-message.in
Comment 6 Larry Rosenman freebsd_committer freebsd_triage 2017-03-18 03:13:03 UTC
Committed a revised version.  Thank You!