httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Kelly" <bi...@cts.com>
Subject [users@httpd] trouble restricting access to <Directory /usr/share/doc>
Date Wed, 08 Jan 2003 02:11:27 GMT
Hi,

I'm running Linux / Apache-1.3.26, and I hope this isn't a FAQ, but
I've been reading the manual and can't figure out what I'm doing
wrong.

In my default Apache installation (Mandrake 9.0), the document root
is set to /var/www/html, in which is a symbolic link to the Apache
manual:
/var/www/html/manual -> ../../../usr/share/doc/apache-manual-1.3.26/

In /etc/httpd/conf/commonhttpd.conf, I noticed a <Directory>
directive already existing that would seem to restrict access
to the manual, via:

<Directory /usr/share/doc>
    Options Indexes FollowSymLinks
    Order deny,allow
    Deny from all
    Allow from 127.0.0.1
</Directory>

However, I seem to be able to access http://mydomain/manual/index.html
from any IP.  In access_log, I see my successful access from a 
remote system:

192.188.72.17 - - [07/Jan/2003:17:44:25 -0800]
 "GET /manual/index.html HTTP/1.0" 200 9465 "-" 
 "Lynx/2.8.5dev.7 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.6a"


I also tried a wildcard on the path (though didn't seem from the
docs it would be necessary): <Directory /usr/share/doc/*> but
this change had no apparent effect.


I suspect I'm missing something pretty basic here...  Hopefully
some kind soul can knock me upside the head with the correct 
approach :)


Thanks,

Bill




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message