httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Ladner <eric.lad...@gmail.com>
Subject Re: [users@httpd] How to create a "hosts deny" list for Apache
Date Thu, 13 Jan 2005 20:53:38 GMT
No, you can't do that, but you could have a file that you create
yourself in /tmp/hosts_deny, then write a script that produces the
.htaccess file automatically.

Something like (in bash or ksh, as an example):

$webroot="/where/your/doc/root/is"
$htaccess="$webroot/.htaccess"

echo > $htaccess <<EOF
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName MyAuthName
AuthType Basic

<Limit GET>
  order allow,deny
  allow from all
EOF

cat /tmp/hosts_deny | while read line
do
    echo "  deny from $line" >> $htaccess
done

echo "</Limit>" >> $htaccess

I haven't check this for complete syntactic correcness, but it should
be close.  No comments from the peanut gallery on my coding style,
either.  :P

E

On Thu, 13 Jan 2005 11:13:13 +0000, JM Fraser <jmf@cybertrex.co.uk> wrote:
> Eric, could I have a .htaccess file with:
> 
> Order deny,allow
> Allow From All
> Deny From /tmp/hosts_deny
> 
> For example. This way all hosts listed in this "hosts_deny" file will be
> denied access but everyone else will get thru? Will I have to setup a
> specific directive around this?
> 
> 
> On 11:05:31 January 13, 2005 Grand Apeiron <Grand.Apeiron@gmx.net> wrote:
> > On Thu, 2005-01-13 at 10:38 +0000, JM Fraser wrote:
> > >  Eric, do you have an example script that I could modify, or a site
> > >  where I could get info? I don't want to end up terminating all
> > >  httpd requests in error!
> >
> > You only need a script if you want to modify the access list in an
> > automatic way.
> > The basic thing to deny/allow access to your site is the .htaccess
> > file itself.
> >
> > To deny access to everyone by default and only allow access for some
> > specific hosts/subnets your .htaccess file would look like:
> >
> > Order deny,allow
> >
> > Deny From All
> > Allow From x.x.x.x
> > Allow From x.x.x.x
> >
> >
> > So, one "Allow From" line for every host or subnet you want to allow
> > your site.
> >
> > You may read the documentation for the <Directory> directive in the
> > apache2 docs.
> >
> >
> > Grand Apeiron
> >


-- 
Eric Ladner

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message