httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] .htaccess 'allow from' and directories
Date Mon, 19 Jul 2004 08:00:24 GMT


> -----Original Message-----
> From: Nigel Gilbert [mailto:n.gilbert@soc.surrey.ac.uk]
> Sent: Sonntag, 18. Juli 2004 13:01
> To: users@httpd.apache.org
> Subject: [users@httpd] .htaccess 'allow from' and directories
> 
> 
> I have an .htaccess file at the top level which allows users in from 
> specified IP addresses.  The allow commands are within a <Files> 
> directive in the .htaccess file.  There is also a <Files> directive 
> which allows all users access to index.html.   e.g.:
> 
> <Files *>
> Order Allow,Deny
> Allow from 206.40
> ....
> </Files>
> <Files index.html>
> Allow from all
> </Files>
> 
> The result is that, as expected, all users are allowed to access the 
> location http://my.domain.com/index.html if they specify this address 
> explicitly.  However, if they try to access the location 
> http://my.domain.com/  (no explicit index.html) and are not on the 
> allowed IP list, their access is denied.  I would like the 
> behaviour to 
> be exactly the same as if they had specified index.html in their URL.
> 
> How can I achieve this?  I do not have permissions to change the 
> httpd.conf file, so any solution needs to be workable using only the 
> .htaccess context (this excludes using <Directory > directive, as far 
> as I can see from the documentation).

.htaccess files can only be used to override main config directives if
the config allows it (via the AllowOverride directive). Apache is
"friendly" so the default for this directive is "AllowOverride All". So
if the apache-admin doesn't care, you can simply override the access
directives by putting:

<Files *>
  Allow from all
</Files>

in .htaccess.

However, if the apache admin doesn't want you to do this, he will have
disabled overrridng in the config (eg, AllowOverride None). Then you
can't do it all - neither should you be able to - it's a security
feature and if you don't have the right to edit the config, you don't
have control of the server.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le présent e-mail est
un message privé et personnel, sans rapport avec l'activité boursière du
Groupe SWX.

> 
> Thanks for your help!
> 
> Nigel Gilbert
> 
> ______________________________________________________________
> _________
> Professor Nigel Gilbert,  Editor, Journal of Artificial Societies and
>       Social Simulation, <http://www.soc.surrey.ac.uk/JASSS/>
>          Centre for Research on Social Simulation (CRESS)
>     Department of Sociology, University of Surrey, Guildford, UK.
>         Tel:+44 1483 689173   N.Gilbert@soc.surrey.ac.uk
>                         <http://cress.soc.surrey.ac.uk/>
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message