httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonathan Zuckerman <j.zucker...@gmail.com>
Subject Re: [users@httpd] RE: httaccess stopped working update
Date Mon, 26 Oct 2009 06:30:07 GMT
> -----Original Message-----
> From: Marc Fromm
> Sent: Sunday, October 25, 2009 7:48 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] httaccess stopped working
>
> I have used this htaccess file for quite some time now and it worked, only allowing access
to specific ip addressess.
> For some reason the htaccess is not blocking ip addresses outside the ones specified.
> I have 'x'ed out the ip addresses and changed the user user name for this email.
>
> AuthType Basic
> AuthName "Outside Access."
> AuthUserfile /etc/htpasswd
> require user user_name
> #require valid-user
> Satisfy All
> <Limit GET POST>
> order deny,allow
> deny from all
> allow from xxx.xxx.216
> allow from xxx.xxx.42
> allow from xxx.xxx.43
> allow from xxx.xxx.188
> allow from xxx.xxx.189
> </Limit>
>
> Any ideas on what could have changed to so the deny from all is no longer working? Users
are still asked for a username and password. Some posts state to avoid using LIMIT. If that
is correct then what is the better method?
>
> Thanks
>
>
On Sun, Oct 25, 2009 at 9:22 PM, Marc Fromm <Marc.Fromm@wwu.edu> wrote:
> Update on my htaccess problem.
> Recently I set up a spider trap which required placing an htaccess file on the www/html
directory. The htaccess file listed in my first email is a sub directory of html/.
>
> The tutorial had me create this htaccess file. Is the <Files *> . . . </Files>
section over ruling the htaccess file in the sub directory?>
> # Block bad-bots using lines written by bad_bot.pl script above
> SetEnvIf Request_URI "^(/403.*\.htm|/robots\.txt|/file_instead_of_what_they_want\.htm)$"
allowsome
>
> <Files *>
> order allow,deny
> allow from all
> deny from env=getout
> </Files>
>

You specifically said: for ALL files, allow from ALL except.. deny
from env=getout.
This will absolutely override .htaccess rules set in a higher
directory, that's almost the whole point of htaccess.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message