Return-Path: Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 32738 invoked by uid 500); 16 Apr 2003 03:04:48 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 32724 invoked from network); 16 Apr 2003 03:04:48 -0000 Received: from nasa.nmu.edu (198.110.201.100) by daedalus.apache.org with SMTP; 16 Apr 2003 03:04:48 -0000 Received: from nasa.nmu.edu (pm427-44.dialip.mich.net [198.110.154.150]) by nasa.nmu.edu (8.12.8/8.12.8) with ESMTP id h3G34sDw013502 for ; Tue, 15 Apr 2003 23:04:55 -0400 (EDT) Date: Tue, 15 Apr 2003 23:04:57 -0400 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v551) From: "B.J. Ash" To: users@httpd.apache.org Content-Transfer-Encoding: 7bit In-Reply-To: <5D83C44941AFD4118B6F0002B302984F43887A@EXCHANGE_SERVER> Message-Id: <34A5C73E-6FB8-11D7-A27C-000393BCC46E@nasa.nmu.edu> X-Mailer: Apple Mail (2.551) X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Subject: Re: [users@httpd] Restricting access by IP address between Linux and WinXP When defining network segments on Apache, such as your example of "Allow from 192.168.XX.XX", shouldn't you have entered " Allow from 192.168.*.* " instead? It seems to me that the wildcard would be more appropriate and acceptable than the XXs. I'm surprised Apache didn't give you an error on startup stating that it can't reach "192.168.XX.XX" I could be wrong though.... -- B.J. Ash admin@nasa.nmu.edu Information Technology Systems Specialist III On Tuesday, Apr 15, 2003, at 21:33 America/Detroit, Denise Mangano wrote: > It turns out that the problem is not my server seeing my workstation's > IP > address. When I connect to www.mywebsite.com and run a netstat from my > server I see my workstation connected and the IP address shows > correctly. > > Now the Directory directive for the test.mywebsite.com specifies to > allow > from 192.168.XX.XX which is my IP address. However I get forbidden > access > to the / directory. Everyone has read permission from the / directory > down > to the test.mywebsite directory. > > I'd really appreciate any feedback on this one - I'm really stressing > over > this, and need to get this working asap. I've been searching throught > the > archives and it looks like I am doing everything right but its not > working. > > I made a typo before... the directives in my httpd.conf file are as > follows: > > Order deny,allow > Deny from all > > > > ... > > Order deny,allow > Allow from all > > ... > > > > ... > > Order deny, allow > Allow from 127.0.0.1 > Allow from 192.168.XX.XX > > ... > > > Thanks for your help! > Denise > > -----Original Message----- > From: Denise Mangano > To: 'users@httpd.apache.org' > Sent: 4/15/2003 3:04 PM > Subject: [users@httpd] Restricting access by IP address between Linux > and > WinXP > > I have a directory set up that I am trying to restrict public access > to. > I > am working from my WinXP workstation and I use a SSH client to connect > to my > Linux server. My access to the public site works fine. > > However, when I attempt to access the private site from the IP address > specified in the directive, I get a forbidden message. The good news is > that > public access is also forbidden, but I need to get access from my > workstation at the least, and possibly other workstations within my > office. > I am on the same network as the Linux server, and can't understand why > this > is not working. > > Any ideas? > > In my httpd.conf I have the directives set up (left out > irrelevant code): > > > Order deny,allow > Deny from all > > > > ... > > Order deny,allow > Deny from all > > ... > > > > ... > > Order allow,deny > Allow from 127.0.0.1 > Allow from 192.168.XX.XX > > ... > > > Thanks for your help. > Denise > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server > Project. > See for more info. > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org > " from the digest: users-digest-unsubscribe@httpd.apache.org > For additional commands, e-mail: users-help@httpd.apache.org > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server > Project. > See for more info. > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org > " from the digest: users-digest-unsubscribe@httpd.apache.org > For additional commands, e-mail: users-help@httpd.apache.org > > -- B.J. Ash admin@nasa.nmu.edu --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org