httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Danie Qian" <dan...@bestningning.com>
Subject Re: [users@httpd] .htaccess for script aliased directories SOLVED!
Date Fri, 25 Apr 2008 21:17:17 GMT
I think the following mod_access settings is the one that makes me safe in 
this particular setup:

        Order deny,allow
        deny from all
        allow from 216.130.212
        allow from 216.130.209
        allow from 216.130.213
        Satisfy any



----- Original Message ----- 
From: <matt.farey@gmail.com>
To: <users@httpd.apache.org>
Sent: Friday, April 25, 2008 5:06 PM
Subject: Re: [users@httpd] .htaccess for script aliased directories SOLVED!


> You definately need to remove the limit clause
> That clause iat best s meaningless given your previous post, and if the 
> config changes elsewhere your server or data would be at risk.
> You probably have a server wide limitexcept clause which bans the other 
> verbs or some other permissions lock down, but just to be clear the limit 
> clause is NOT what youi want ;)
> Sent from my BlackBerry?wireless device
>
> -----Original Message-----
> From: Pam Astor <pamastor@hotmail.com>
>
> Date: Fri, 25 Apr 2008 17:00:35
> To:<users@httpd.apache.org>
> Subject: RE: [users@httpd] .htaccess for script aliased directories 
> SOLVED!
>
> Thanks so much Danie!?
> ?
> I think the problem was the fact that I was not using double quotes
> for my path in the <Directory> Tag.?I saw your earlier post - noticed you 
> had them,
> added them in, and set the path again to the script aliased path and it 
> worked fine.?
> ?
> I was able to get it working with this simple tag:
> ?
> <Directory "usr/local/awstats/wwwroot/cgi-bin">
> AuthName "MembersOnly"
> AuthType Basic
> AuthUserFile "/home/userdir/htpasswd"
> Require user coder
> AllowOverride AuthConfig
> </Directory>
> ?
> I had a hunch it was something simple.?Thanks so much!
> ?
> ?
> ?
> I just setup awstats a few weeks ago and this setting works for me in the 
> <VirtualHost>:
> ?
>
>       ?Alias /awstatsclasses "/usr/local/awstats/wwwroot/classes/"
>       ?Alias /awstatscss "/usr/local/awstats/wwwroot/css/"
>       ?Alias /icon "/usr/local/awstats/wwwroot/icon/"
>       ?ScriptAlias /awstats/ "/usr/local/awstats/wwwroot/cgi-bin/"
>       ?#
>       ?# This is to permit URL access to scripts/files in AWStats 
> directory.
>       ?#
>       ?<Directory "/usr/local/awstats/wwwroot">
>       ?Options None
>       ?AllowOverride None
>       ?Order allow,deny
>       ?Allow from all
>       ?</Directory>
> ?
>       ?<Directory "/usr/local/awstats/wwwroot/cgi-bin">
>       ?AuthUserFile "/usr/local/awstats/wwwroot/mypasswordfile"
>       ?AuthName "Awstats"
>       ?AuthType Basic
>       ?<Limit GET POST>
>               ?require valid-user
>       ?</Limit>
>       ?Options None
>       ?AllowOverride AuthConfig
>       ?Order deny,allow
>       ?deny from all
>       ?allow from 216.130.212
>       ?allow from 216.130.209
>       ?allow from 216.130.213
>       ?Satisfy any
>       ?</Directory>skill meets World Series. Get in the game. 
> <http://club.live.com/word_slugger.aspx?icid=word_slugger_wlhm_admod_april08>
>
> ----------------
> Express yourself wherever you are. Mobilize! 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message