Denying access to error_log not working?

Discussion in 'General' started by optize, Mar 8, 2012.

  1. optize

    optize New Member

    cPanel has the following in httpd.conf to prevent direct access to error_log (which is a good thing!)

    <Files ~ "^error_log$">
    Order allow,deny
    Deny from all

    Satisfy All
    </Files>

    However, I noticed on my Litespeed boxes, that doesn't seem to work, while it works fine on my Apache boxes. Can someone confirm that same behavior happens on boxes other than my own? You can test by finding a error_log in a customer directory, and try to go to it via your web browser.
  2. mistwang

    mistwang LiteSpeed Staff

    That configuration is ignored by LiteSpeed for the sake of performance.

    you can block access to those files with a rewrite rule or security rule.

    if it is a security threaten, just disable PHP error logging to that file, everything should be Apache log file and user can access those errors from cpanel.
  3. optize

    optize New Member

    Are you sure? This one works:

    <Files ~ "^spam.html$">
    Order allow,deny
    Deny from all

    Satisfy All
    </Files>

    Why wouldn't error_log not work?
  4. CodyRo

    CodyRo New Member

    He said it's explicitly ignored for performance.

    @George what sort of performance hit is this really taking? In a shared environment it's usual to have PHP error logging enabled.

    In the interim you could adjust the rule so it's not ignored. IE removing the $ regex or using a FilesMatch directory which appears to not be ignored.

Share This Page