Denying access to error_log not working?

[optize]

cPanel has the following in httpd.conf to prevent direct access to error_log (which is a good thing!)

<Files ~ "^error_log$">
Order allow,deny
Deny from all

Satisfy All
</Files>

However, I noticed on my Litespeed boxes, that doesn't seem to work, while it works fine on my Apache boxes. Can someone confirm that same behavior happens on boxes other than my own? You can test by finding a error_log in a customer directory, and try to go to it via your web browser.

 

[mistwang]

That configuration is ignored by LiteSpeed for the sake of performance.

you can block access to those files with a rewrite rule or security rule.

if it is a security threaten, just disable PHP error logging to that file, everything should be Apache log file and user can access those errors from cpanel.

 

[optize]

That configuration is ignored by LiteSpeed for the sake of performance.

you can block access to those files with a rewrite rule or security rule.

if it is a security threaten, just disable PHP error logging to that file, everything should be Apache log file and user can access those errors from cpanel.

Are you sure? This one works:

<Files ~ "^spam.html$">
Order allow,deny
Deny from all

Satisfy All
</Files>

Why wouldn't error_log not work?

 

[CodyRo]

Are you sure? This one works:

<Files ~ "^spam.html$">
Order allow,deny
Deny from all

Satisfy All
</Files>

Why wouldn't error_log not work?

He said it's explicitly ignored for performance.

@George what sort of performance hit is this really taking? In a shared environment it's usual to have PHP error logging enabled.

In the interim you could adjust the rule so it's not ignored. IE removing the $ regex or using a FilesMatch directory which appears to not be ignored.