→Solution: Added link to Apache AllowOverride documentation
Line 18:
Line 18:
Restarting httpd-e-smith [ OK ]
Restarting httpd-e-smith [ OK ]
−
Again, this is only recommended if there is a legitimate need for system users to independently change web access controls. If this is enabled, the system administrator should regularly monitor the contents of .htaccess files to ensure security is not compromised.
+
AllowOverride can be set to values other than "All", and should be set as narrowly as possible to meet users' needs. Consult the [http://httpd.apache.org/docs/current/mod/core.html#allowoverride Apache documentation] for valid values of this parameter. Again, this is only recommended if there is a legitimate need for system users to independently change web access controls. If this is enabled, the system administrator should regularly monitor the contents of .htaccess files to ensure security is not compromised.
==== Determining contents of htaccess fragment ====
==== Determining contents of htaccess fragment ====