httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Quinn <>
Subject Re: [users@httpd] server-status / server-info protection
Date Wed, 14 Jul 2004 19:37:50 GMT
you need to change you access list.  The way they are read is Top to 
Bottom, the first match it finds it stops.  You are doing a Deny from ALL, 
so it finds that line, then doesn't move on.  You need your allow line first.


At 12:27 PM 7/14/2004, you wrote:
>Im trying to restrict my server-info and server-status pages to localhost 
>only using the following lines:
><Location /server-info>
>      SetHandler server-info
>      Order Deny,Allow
>      Deny from all
>      Allow from
><Location /server-status>
>      SetHandler server-status
>      Order Deny,Allow
>      Deny from all
>      Allow from
>The problem is that for some reason, I can still access these pages from 
>outside localhost. Are these lines correct/all that I need?

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message