httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] .htaccess-domain names
Date Mon, 17 Mar 2003 09:45:10 GMT
>-----Original Message-----
>From: J.D. Kotrla-Chipps [mailto:jdkc@woptura.com]
>
>Client, or server?  The client machine does "nslookup" just fine.

Server. The apache server is trying to find out the IP address of the domain you specified
in the "Allow" directive so it can compare it with the actual IP address in the TCP/IP header
of the request. If it can't resolve it then it won't "Allow" the request.

Remember that apache Allows or Denies based on real IP addresses since these can't be spoofed.
You are allowed to use a domain name in the Allow directive to make life easy for you and
to cope with the possibility that the IP address of an Allowed site changes. However, for
this convenience mechanism to work, your *apache server* must have a working DNS.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

>
>
>Boyle Owen wrote:
>>>-----Original Message-----
>>>From: Sander Holthaus - Orange XL [mailto:info@orangexl.com]
>>>
>>>Yes, but you may not want to turn it on! You'll find it in the Apache
>>>Documentation, located at
>>>http://httpd.apache.org/docs-2.0/mod/core.html#hostnamelookups .
>> 
>> 
>> That's what I thought, but according to the documentation for the
>> "Allow" directive, the presence of a domain name in the 
>argument causes
>> a DNS lookup *regardless* of the setting of HostNameLookups. So that
>> can't be the problem.
>> 
>> We know that his Deny and Allow directives work with IP 
>addresses so it
>> must be that "AllowOverride Limit" is set in the config (or no access
>> directives would work). 
>> 
>> The only other possibility I can think of is that the machine doesn't
>> have a working DNS configuration. To test, try nslookup on 
>the domains
>> you are interested in to see if your machine knows how to 
>resolve IPs.
>> 
>> Rgds,
>> Owen Boyle
>> Disclaimer: Any disclaimer attached to this message may be ignored. 
>> 
>> 
>>>If you haven't turned this on, Apache won't know about 
>>>domain-name, if you
>>>turn it on, it will. It will try to look up every IP, but at a 
>>>cost. Also,
>>>most IP's will resolve, but not all.
>>>
>>>I personally use this directive only on cgi's and stuff.
>>>
>>>Kind Regards,
>>>Sander Holthaus
>>>
>>>----- Original Message -----
>>>From: "J.D. Kotrla-Chipps" <jdkc@woptura.com>
>>>To: <users@httpd.apache.org>
>>>Sent: Thursday, March 13, 2003 9:05 PM
>>>Subject: [users@httpd] .htaccess-domain names
>>>
>>>
>>>
>>>>
>>>>Sander Holthaus - Orange XL wrote:
>>>>
>>>>
>>>>>But please, always:
>>>>> -search the maillinglist archives first
>>>>> -then ask Google
>>>>> -if you still don't have an answer, post your question here
>>>>
>>>>
>>>>Did all of the above, and still can't find the answer.
>>>>
>>>>According to everything I've read, .htaccess is supposed to 
>>>
>>>be able to
>>>
>>>>block domain names as well as IP's, but mine isn't blocking 
>>>
>>>the domain
>>>
>>>>names, only the IP's.
>>>>
>>>>Any suggestions?  Is it somethat has to be configured on the 
>>>
>>>server to
>>>
>>>>accept domain names?
>>>>
>>>>
>>>>------------------------------------------------------------
>---------
>>>>The official User-To-User support forum of the Apache HTTP 
>>>
>>>Server Project.
>>>
>>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>
>>>
>>>---------------------------------------------------------------------
>>>The official User-To-User support forum of the Apache HTTP 
>>>Server Project.
>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>> 
>> 
>> This message is for the named person's use only. It may contain
>> confidential, proprietary or legally privileged information. No
>> confidentiality or privilege is waived or lost by any 
>mistransmission.
>> If you receive this message in error, please notify the 
>sender urgently
>> and then immediately delete the message and any copies of it 
>from your
>> system. Please also immediately destroy any hardcopies of 
>the message.
>> You must not, directly or indirectly, use, disclose, 
>distribute, print,
>> or copy any part of this message if you are not the intended 
>recipient.
>> The sender's company reserves the right to monitor all e-mail
>> communications through their networks. Any views expressed in this
>> message are those of the individual sender, except where the message
>> states otherwise and the sender is authorised to state them to be the
>> views of the sender's company. 
>> 
>> 
>> 
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP 
>Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>> 
>> 
>> 
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message