"Deny from all" in Apache config is deprecated
Closed, ResolvedPublic
Actions

Description

There's a number of places where we create/have .htaccess files with "Deny from all", which was deprecated in Apache 2.4 (initially released in 2012). The replacement appears to be "Require all denied".

This was originally filed as https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064797.

Details

Subject	Repo	Branch	Lines +/-
Update Apache config syntax in .htaccess files	mediawiki/extensions/MobileFrontend	master	+3 -3
Update Apache config syntax in .htaccess files	mediawiki/extensions/Popups	master	+1 -1
Update Apache config syntax in .htaccess files	mediawiki/skins/MinervaNeue	master	+1 -1
Update Apache config syntax in .htaccess files	mediawiki/extensions/Flow	master	+1 -1
Update Apache config syntax in .htaccess files	mediawiki/extensions/WikimediaMaintenance	master	+1 -1
Update Apache config syntax in .htaccess files	mediawiki/core	REL1_41	+11 -11
Update Apache config syntax in .htaccess files	mediawiki/core	REL1_40	+11 -11
Update Apache config syntax in .htaccess files	mediawiki/core	REL1_39	+11 -11
Update Apache config syntax in .htaccess files	mediawiki/vendor	REL1_40	+1 -1
Update Apache config syntax in .htaccess files	mediawiki/vendor	REL1_39	+1 -1
Update Apache config syntax in .htaccess files	mediawiki/vendor	REL1_41	+1 -1
Update Apache config syntax in .htaccess files	mediawiki/core	master	+11 -11
Update Apache config syntax in .htaccess files	mediawiki/vendor	master	+1 -1

Event Timeline

Legoktm created this task.Mar 24 2024, 3:30 AM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 24 2024, 3:30 AM

Change #1013701 had a related patch set uploaded (by Legoktm; author: Legoktm):

[mediawiki/core@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1013701

Change #1013702 had a related patch set uploaded (by Legoktm; author: Legoktm):

[mediawiki/vendor@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1013702

Change #1013701 merged by jenkins-bot:

[mediawiki/core@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1013701

Change #1013702 merged by jenkins-bot:

[mediawiki/vendor@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1013702

ReleaseTaggerBot added a project: MW-1.42-notes (1.42.0-wmf.24; 2024-03-26).Mar 24 2024, 11:00 AM

Reedy added projects: MW-1.39-release, MW-1.40-release, MW-1.41-release.Mar 25 2024, 1:07 AM

Change #1014067 had a related patch set uploaded (by Reedy; author: Legoktm):

[mediawiki/vendor@REL1_41] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014067

Change #1014068 had a related patch set uploaded (by Reedy; author: Legoktm):

[mediawiki/vendor@REL1_40] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014068

Change #1014069 had a related patch set uploaded (by Reedy; author: Legoktm):

[mediawiki/vendor@REL1_39] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014069

Change #1014070 had a related patch set uploaded (by Reedy; author: Legoktm):

[mediawiki/core@REL1_41] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014070

Change #1014071 had a related patch set uploaded (by Reedy; author: Legoktm):

[mediawiki/core@REL1_40] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014071

Change #1014072 had a related patch set uploaded (by Reedy; author: Legoktm):

[mediawiki/core@REL1_39] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014072

Change #1014067 merged by Zabe:

[mediawiki/vendor@REL1_41] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014067

Change #1014069 merged by Zabe:

[mediawiki/vendor@REL1_39] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014069

Change #1014068 merged by Zabe:

[mediawiki/vendor@REL1_40] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014068

Change #1014072 merged by jenkins-bot:

[mediawiki/core@REL1_39] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014072

Change #1014070 merged by jenkins-bot:

[mediawiki/core@REL1_41] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014070

Change #1014071 merged by jenkins-bot:

[mediawiki/core@REL1_40] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1014071

ReleaseTaggerBot added projects: MW-1.40-notes, MW-1.39-notes, MW-1.41-notes.Mar 25 2024, 10:00 PM

taavi closed this task as Resolved.Mar 30 2024, 10:44 PM

Change #1091916 had a related patch set uploaded (by Fomafix; author: Fomafix):

[mediawiki/extensions/MobileFrontend@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1091916

Change #1091918 had a related patch set uploaded (by Fomafix; author: Fomafix):

[mediawiki/skins/MinervaNeue@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1091918

Change #1091919 had a related patch set uploaded (by Fomafix; author: Fomafix):

[mediawiki/extensions/Flow@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1091919

Change #1091920 had a related patch set uploaded (by Fomafix; author: Fomafix):

[mediawiki/extensions/Popups@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1091920

Change #1091921 had a related patch set uploaded (by Fomafix; author: Fomafix):

[mediawiki/extensions/WikimediaMaintenance@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1091921

Change #1091918 merged by jenkins-bot:

[mediawiki/skins/MinervaNeue@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1091918

Change #1091920 merged by jenkins-bot:

[mediawiki/extensions/Popups@master] Update Apache config syntax in .htaccess files

https://gerrit.wikimedia.org/r/1091920

ReleaseTaggerBot added a project: MW-1.44-notes (1.44.0-wmf.4; 2024-11-19).Mon, Nov 18, 6:00 PM

Change #1091916 merged by jenkins-bot: