httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: SV: [users@httpd] Options "per address"?
Date Sat, 25 Apr 2009 12:31:20 GMT
Anders Norrbring wrote:
>> Anders Norrbring wrote:
>>> Is there a way to control options for a directory per address mask?
>>>
>>> Like from 192.168.111.0/24, I can have 'Options All' but from all
>> other
>>> addresses, 'Options None'..
>>>
>> As far as I know, and strictly as you ask above, no (meaning not
>> directly with standard Apache configuration options).
>> Now, depending on what /exactly/ you want to achieve, there may be a
>> way
>> to do what you want using SetEnvIf or mod_rewrite, but you'd have to be
>> more specific about what you want to allow or deny depending on the
>> address.
>> For example, if what you wanted to do would be to allow/disallow a
>> directory index depending on the caller IP, I believe you could achieve
>> that, not by playing with the Options, but by playing with the URL
>> requesting the directory.
>>
>> If you really want to intervene at the Options level, I think your best
>> bet would be mod_perl.
> 
> 
> Actually it -is- directory listings I want to block for all access outside
> the local network, I just don't know how to accomplish it, I haven't really
> studied to more advanced configurations for Apache since standard settings
> is all I've been using up to now.
> 
Ok, then sometimes you have to think a bit "out of the box" in order to 
resolve an issue.
So you have a server accessible both from inside the local network, and 
from outside, and you want different rules to apply in each case.
You could look just at the directory index issue, but I am sure that 
with time, there will be other things that you want to allow/deny.
One option would be to use two different hostnames for your server, and 
in Apache use Virtual Hosts.
For example, internal users would use the name "myserver.internal.net" 
and outside users would use "myserver.company.com".
Then you could define 2 Virtual Hosts (one for each of those names), and 
give each one its own set of rules.
Both would still have the same DocumentRoot and access the same pages, 
but with different restrictions.
Would that be an option ?


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message