mod_sftp should fail on startup when SFTP and TLS are both enabled for a vhost #1434
Comments
Castaglia
added a commit
that referenced
this issue
Apr 29, 2022
…p, if we detect both `SFTPEngine on` _and_ `TLSEngine on` in effect for the same vhost, we fail the startup.
Castaglia
added a commit
that referenced
this issue
Apr 30, 2022
Issue #1434: Add a conformance check to mod_sftp such that, on startu…
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have seen users' configurations where they are not using different
<VirtualHost>sections for FTP/FTPS vs SFTP servers, and instead have e.g.:This lets administrators think that they can support FTP/FTPS and SFTP using the same single vhost -- but they cannot. The protocols do not work that way.
So the scope of this task is to add detection of this sort of configuration to the
mod_sftpmodule (since it is a contrib module, not a core module), and to log a warning to the system log when this happens. Or perhapsmod_sftpshould check for such configurations on startup, and prevent the server from passing its config check? That would be better...The text was updated successfully, but these errors were encountered: