[ale] Apache

Christopher R. Curzio ale at accipiter.org
Mon May 29 14:14:52 EDT 2006


Things like Apache and iptables have plenty of documentation, you know. 

iptables -t table_name -I PREROUTING -p tcp -s ! 212.23.45.6 --dport 80 -j DROP

--
Christopher R. Curzio     |  Quantum materiae materietur marmota monax
http://www.accipiter.org  |  si marmota monax materiam possit materiari?
:wq!


Thus Spake Terry Bailey <terry at bitlinx.com>:
Mon, 29 May 2006 13:52:55 -0400


> 
> 
> I am not familiar with allow/deny pair.  This sounds like squid.  How could 
> I use iptables to drop all incoming packets bound for port 80 unless the 
> source IP is 212.23.45.6?
> 
> 
> At 08:32 AM 5/29/2006, you wrote:
> 
> >On Mon, 2006-05-29 at 08:26 -0400, attriel wrote:
> > > James P. Kinney III wrote:
> > >
> > > >Yes and no. You have access to the client IP address as a variable
> > > >within the apache data environment. You would then need to have a
> > > >cgi/php/java/javascript app(let) that allows access from the IP address
> > > >and returns and error page otherwise.
> > > >
> > > >That is if you want to block access to only one branch/page of your
> > > >site. If you want to do that for everything, using iptables to redirect
> > > >to port 8080 where apache listens but only has an error page is easier.
> > > >
> > > >
> > >
> > > you could also use the allow/deny pair
> >
> >Hmm. Good point. And it can be used in directory settings as well as the
> >global one.
> >
> >I had forgotten about that one since all my sites are always Allow all
> >Deny none :)
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://www.ale.org/mailman/listinfo/ale
> >--
> >James P. Kinney III          \Changing the mobile computing world/
> >CEO & Director of Engineering \          one Linux user         /
> >Local Net Solutions,LLC        \           at a time.          /
> >770-493-8244                    \.___________________________./
> >http://www.localnetsolutions.com
> >
> >GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> ><jkinney at localnetsolutions.com>
> >Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
> >
> >_______________________________________________
> >Ale mailing list
> >Ale at ale.org
> >http://www.ale.org/mailman/listinfo/ale
> >
> >No virus found in this incoming message.
> >Checked by AVG Anti-Virus.
> >Version: 7.1.394 / Virus Database: 268.7.4/351 - Release Date: 5/29/2006
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale



More information about the Ale mailing list