Apache AllowOverride Options Directive
I am trying to understand the following configuration (specific to FollowSymlinks and SymlinksIfOwnerMatch directives) in Directory section of an httpd.conf file:
<Directory "/home">
Options +All -FollowSymLinks +IncludesNOEXEC -Indexes +MultiViews +SymLinksIfOwnerMatch
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
</Directory>
Based on my understanding, it first disables FollowSymLinks and enables SymLinksIfOwnerMatch at the httpd.conf level and it applies to all the files and subdirectories present inside, /home.
The next directive, AllowOverride. By writing "All", it allows all the Directives belonging to FileInfo, AuthConfig, Indexes, Limit to be overriden by .htaccess files.
It explicitly mentions the list of Options that can be overriden by the .htaccess files.
So, it allows SymLinksIfOwnerMatch to be overriden by the .htaccess file.
Is my understanding correct?
Why does it allow SymLinksIfOwnerMatch to be overriden by the .htaccess file if it has explicitly mentioned in the line above that the SymLinksIfOwnerMatch is enabled?
Thanks.
Solution 1:
If you think of "allow override" as "allow user to change the setting" instead, it may become clearer. In this case, the user may disable SymLinksIfOwnerMatch
in their .htaccess
file.