When I send a request like this: GET /test/../../etc/passwd HTTP/1.0 Apache will report an error: AH00126: Invalid URI in request GET /test/../../etc/passwd HTTP/1.0 Reason: In file server/request.c line 154 ap_getparents() change r->uri from /test/../../etc/passwd to etc/passwd and etc/passwd is an invalid uri.