httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "J.M. Castroagudin" <jose.castroagu...@webfg.com>
Subject Re: [users@httpd] Allow/Deny directive and https
Date Wed, 26 Sep 2007 16:22:07 GMT
Thank you very much, Joshua (and thank you all)

I have tried:

(code)

<VirtualHost *:443>
DocumentRoot "/disc/html/https"
ServerName secure.foo.com

....

<Directory /disc/html/https/intranet>
    Order Deny,Allow
    Deny from All
#    Allow from env=intranet
</Directory>

....

</VirtualHost>

(/code)

And it does not work. I still can connect to /intranet...

I also tried:
(code)

<VirtualHost *:443>
DocumentRoot "/disc/html/https"
ServerName secure.foo.com
....
<Location /intranet/>
    Order Deny,Allow
    Deny from All
#    Allow from env=intranet
</Location>

...

</VirtualHost>

(/code)

... It just dont work..

Now i must review the entire configuration (it is a kinda complicated 
configuration, lots of sites and files), looking for something that 
could be overriding this directive. I will let you know if i find out 
something...

Thank you all again. And if anyone else have any idea, i will be grateful.




Joshua Slive escribió:
> On 9/13/07, J.M. Castroagudin <jose.castroagudin@webfg.com> wrote:
>   
>> Hi everybody,
>>
>> I have been trying to limit access to certain 'directories' (inside a
>> https vhost) based on IP directives. Something like this:
>>
>>
>> SetEnvIf remote_addr W.X.Y.Z intranet
>> SetEnvIf Client-ip W.X.Y.Z intranet
>>
>>
>> <VirtualHost *:443>
>> DocumentRoot "/disc/html/https"
>> ServerName secure.foo.com
>>
>> ....
>>
>> <Directory /disc/html/https/intranet>
>>     Order Deny,Allow
>>     Deny from All
>>     Allow from env=intranet
>> </Directory>
>>
>> ....
>>
>> </VirtualHost>
>>
>>
>> There is only a https virtual host in this server.
>>
>> But it seems not to work as expected. Accesing via
>> 'http://secure.foo.com', Deny and Allow directives work right (it is
>> defined before in conf file). Although, entering via
>> 'https://secure.foo.com', everybody has acces to this directory...
>>     
>
> Start by replacing your mod_setenvif-based config with a simple "Deny
> from all" and make sure that works. If it doesn't work, you likely
> have something else in the config file overriding it. For example,
> directives in <Location> sections will override <Directory> sections.
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>   


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message