The example shown post install should be improved to something like:
### Add the AcceptPathInfo directive only for Apache 2.0.30 or later.
Alias /joomla /usr/local/www/joomla3/
AddHandler php5-script php
Require all granted
to match apaches new config auth.
Can you point me to definitive documentation on this? Also, your suggestion is php5 centric, and will break php7+ (where the module name is php7_module).
That is a fair point - so perhaps best to leave the 'AddHandler' to the PHP port to install (or the user to do him/herself -- as it is not bad from a security perspective).
The crux its really the 'Require all granted' versus the 'Allow from All' in the previous take.
As per https://httpd.apache.org/docs/trunk/mod/mod_authz_core.html -- the heading 'Require all says:
The all provider mimics the functionality that was previously provided by
the 'Allow from all' and 'Deny from all' directives. This provider can take
one of two arguments which are 'granted' or 'denied'.
Not sure about the directory index; if one were very pedantic - one could move it inside the Directory; and even curtail the Options down None (and leave the Allow Override).
we still support apache22, so that requires the older syntax.
When apache22 goes away, we can revisit this.
feedback from mat@:
Saying that you should add the AddHandler is a bad idea. It is not always true, many people use php through the fpm mechanism, this is why only the mod_php* ports tell you to add them.
I think I'll change the pkg-message to mention both syntaxes and what applies to which version.
A commit references this bug:
Date: Sat Mar 18 03:11:56 UTC 2017
New revision: 436379
Update pkg message for apache 2.4 users for Apache 2.4's new security model.
Submitted by: email@example.com
Approved by: adamw (mentor)
Differential Revision: https://reviews.freebsd.org/D10036
Committed a revised version. Thank You!