httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] server-status / server-info protection
Date Wed, 14 Jul 2004 19:39:43 GMT
On Wed, 14 Jul 2004 20:27:27 +0100, Simon <> wrote:
> Im trying to restrict my server-info and server-status pages to
> localhost only using the following lines:
> <Location /server-info>
>       SetHandler server-info
>       Order Deny,Allow
>       Deny from all
>       Allow from
> </Location>
> <Location /server-status>
>       SetHandler server-status
>       Order Deny,Allow
>       Deny from all
>       Allow from
> </Location>
> The problem is that for some reason, I can still access these pages from
> outside localhost. Are these lines correct/all that I need?

Yes, they are correct.

Are you sure you are editting the right config file?

Have you restarted the server after making changes?

Are there any other <Location> sections that might be overriding these ones?

Are client requests really arriving from outside, or do you have a
proxy on your local computer that is forwarding to apache?  (For
example, on Mac OSX, all requests look like they come from localhost
because of a local proxy.)


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message