[solve..]HT Access Options don't work

[quantum]

After some nice hacking partys on my LiteSpeed servers, i was shocked to see that renaming the .htaccess file and disabling "Overrides" doesn't work since i was switched to LSWS from Apache (months ago).

And to give them damn script kiddies best access, "Follow Symbolic Link: No" is also a dummy option.

I use LSWS in conjunction with Plesk. In httpd.conf, the AccessFileName is changed to .htsomething and in LSWS too. But LSWS uses .htaccess furthermore.

The hackers can easy use .htaccess with "Options Indexes FollowSymLinks" and i can nothing do against.

Luckely, LSWS4.1rc4 was released today with the "DisableCgiOverride On" -option to stop the damn hacking CGI's, but this is absolutely not enough.
I will hope that this is a configuration mistake of me.

 

[webizen]

Please use latest 4.0.19 and 4.1RC4.

 

[quantum]

Please use latest 4.0.19 and 4.1RC4.

I had test it with 4.0.17, 4.0.19 and 4.1RC4.
These options doesn't show any effect.

 

[mistwang]

try "force reinstall" from web console.

 

[quantum]

try "force reinstall" from web console.

Cool, thanks.
This works for renaming the .htaccess to another name.
But changing "Allow Override" in Configuration->Server->General->HT Access have no effect.
Commands like "Options Indexes FollowSymLinks" are fully functional.
To turn of FollowSymLinks i figured out that i have to enable "Check Symbolic Link"
Finaly, how can i disable "Allow Override" for Options and Indexes?

 

[mistwang]

"Allow Override" has no effect on vhosts configured via httpd.conf, you have do it in Apache configuration form httpd.conf.