I try to configure apache 2.2 server for webhosting and I have some configure issues with FollowSymLinks and SymLinksIfOwnerMatch. My problem is that I really don't want to allow FollowSymLinks becouse SymLinksIfOwnerMatch is safer.
The problem is that many CMS systems have .htaccess files with option + FollowSymLinks and if I don’t allow them I get support call to my help desk with questions about internal server errors…
So how did you solve this. Are you allowing FollowSymLinks? How does that impact the security in a hosted environment? Is it safe to allow this?
Or is it a way to use some type of alias so when I user enter options +FollowSymLinks in the .htaccess file apache will interpret this as SymLinksIfOwnerMatch?