.htaccess depth to recurse

[alexvicol]

Hi,
I've been using the following "tweak" with a .htaccess at the location: /home/.htaccess what had:

order allow,deny
allow from all

deny from XX.XX.XX.XX

This tweak helped me stop unwanted visitors for all my cPanel accounts ( I had ".htaccess depth to recurse" set to 5 ) and not create a .htaccess rule in every cPanel account.

After a litespeed update ( 4.2.6 I think ) it doesn't work anymore.
How can I solve this?

Thanks.

 

[NiteWave]

I think the possible change in 4.2.6 is to improve the compatibility with apache.
does your trick work on apache 2 ?
this info is important to lsws.

 

[alexvicol]

Just switched to apache for one minute and it works.

 

[mistwang]

Which version of LiteSpeed is used before 4.2.6 update.

 

[alexvicol]

4.2.4 , I think.
I'm not sure what version I had when I installed this trick, but It's not older than 4.2.4

 

[NiteWave]

lsws web admin -> Actions -> Version Manager
can see all installed versions and switch between them without downtime since it's graceful restart.

you can switch to different version to determine which version has broken the trick.

 

[alexvicol]

It looks like on litespeed it doesn't work.
I've switched through all versions of lsws installed.
But I remember it worked on 4.2.4 when I've configured this .htaccess.

Anyway, on apache it looks like it works.

 

[mistwang]

LSWS does not check .htaccess beyond the user's root directory, for performance reason.

However, we will add a feature in 5.0 release to check .htaccess beyond user's root directory during initial configuration, it means that if you make change to /home/.htaccess, it require a restart, we do not expect it to happen frequently.

In the mean time, you can add the ACL rules with <Directory /home> ... </Directory> in httpd.conf . Or, just add that to <Directory /> context.