httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Staf Wagemakers" <staf.wagemak...@gmail.com>
Subject Re: [users@httpd] Indexes and Authentication
Date Mon, 08 Sep 2008 09:30:46 GMT
On Thu, Sep 4, 2008 at 9:47 PM, Justin Pasher
<justinp@newmediagateway.com> wrote:
> Andrew Hall wrote:
>>
>> Hi there.
>>
>> I'd like to allow directory indexes for certain clients but not for
>> others.
>>
>> Specifically to allow our internal network to view them but external
>> connections to be refused.
>>
>> Is there some way to wrap Options [+-]Indexes within Authentication by
>> IP address ?
>>
>> Thanks very much.
>>
>
> I don't think you're going to be able to do this, as the Options directive
> can only be changed within a "container" context (e.g. global config,
> <VirtualHost>, <Directory>, .htaccess). Since the Allow from/Deny from
> directives are not container objects, you can't wrap the Options directive
> inside of them. A solution I have used in the past to emulate this behavior
> is to create an index files written in a programming language like PHP or
> Perl and have that page generate the index listing instead of Apache. This
> allows you to put any security checks you like on the directory index
> generation.
>
> Justin Pasher
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

It should be to use the <location> directive for this...

e.g.

<location  /index.html>
                 Order Deny,Allow
                 Deny from all

                 Allow from xxx.xxx.xxx.xxx

</location>

hope this helps,

-- 
Staf Wagemakers - http://www.wagemakers.be

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message