httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: [users@httpd] Access control for files outside DocumentRoot
Date Wed, 09 Apr 2003 14:36:22 GMT

On Wed, 9 Apr 2003, Jean-Luc Wasmer wrote:

> Hi,
>
> I'm trying to control the access to _any_ file on the filesystem, eg any
> file in /.
> I need this because I have included files that are outside DocumentRoot and
> the Allow-Deny directives need to be in a <Directory> section.

>     <Directory />
>         Order Allow,Deny
>         Allow from 192.168.0.0/255.255.255.0
>         Deny from All
>     </Directory>

Two things wrong:

1. Please read the docs on Order and consider the effect of that order
directive.  (Hint: All access will be denied if you end with "Deny from
All".)

2. These directives in <Directory /> will probably be overridden by
directives that apply lower down in the the directory tree and thus have
no effect at all.  An easy way to solve you particular problem is to use
this:

<Location />
Order Deny,Allow
Deny from All
Allow from 192.168.0.0/255.255.255.0
</Location>

This works because <Location> sections are evaluated AFTER all <Directory>
sections.

See the docs on configuration sections.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message