[ale] Apache

Jerry Yu jjj863 at gmail.com
Thu Jun 1 15:53:54 EDT 2006


1) 'allow from' is scoped for the container. In the snippet, you only
restrict for /server-status
2) The Order directive should be 'Order allow, deny', to deny by
default. Your current 'Order deny,allow' is allow by default.

On 5/29/06, Terry Bailey <terry at bitlinx.com> wrote:
>
>
> The following is in my httpd.conf file:
>
>
> <Location /server-status>
> #   SetHandler server-status
>      Order deny,allow
>      Deny from all
>      Allow from 65.6.155.180
> </Location>
>
> The apache web server with which I am dealing is about 30 miles away from
> my house in a data center and is running on Solaris 9.
>
> The IP I show the world from my house is not 65.6.155.180,  yet I can still
> access the web site.
>
>
>
>
>
>
>
>
>
> At 02:16 PM 5/29/2006, you wrote:
>
> >If you look at the httpd.conf file, you will probably see at least
> >some sample <Location> blocks.  These will typically include
> >allow/deny pairs.
> >
> >For example:
> >
> ><Location /server-status>
> >     SetHandler server-status
> >     Order deny,allow
> >     Deny from all
> >     allow from 127.0.0.1
> >     allow from 192.168.0
> ></Location>
> >
> >That allows the path /server-status to be accessed *only* from the
> >loopback IP and from the 192.168.0.0/24 subnet.  In the case of a
> >typical location, you wouldn't need the SetHandler phrase -- that
> >redirects the path /server-status to a special internal handler.
> >
> >You can also put limits on <Files> and <Directory> entries if you
> >like, with similar effects.
> >
> >Doing this will elicit a "forbidden" response from the server for
> >anyone who doesn't match the magic IPs. If you truly want it to not
> >respond at all, then you need to address this at a lower level, e.g.
> >with firewall rulesOn Mon, 2006-05-29 at 00:34 -0400, Terry Bailey wrote:
> > >
> > > Can Apache be set up to only respond to a client with a particular IP
> > address?
> > >
> > > Thanks,
> > >
> > > Terry Bailey
> >
> >--
> >Bj?
> >
> >
> >
> >--
> >No virus found in this incoming message.
> >Checked by AVG Anti-Virus.
> >Version: 7.1.394 / Virus Database: 268.7.4/351 - Release Date: 5/29/2006
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>



More information about the Ale mailing list