httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joseph M. Morgan" <josephmmor...@hotmail.com>
Subject Re: [users@httpd] Help with mod_authz_host
Date Tue, 13 Jul 2010 16:07:23 GMT
OK... trying this

<Location />
     Order deny,allow
     Deny from 221.192.0.0/14
</Location>

Anyone know how to test it???  Or do I just wait??? And... how will I know?


On 7/13/2010 10:40 AM, Tom Evans wrote:
> On Tue, Jul 13, 2010 at 3:27 PM, Joseph M. Morgan
> <josephmmorgan@hotmail.com>  wrote:
>    
>> On 7/13/2010 9:03 AM, Tom Evans wrote:
>>      
>>> On Tue, Jul 13, 2010 at 1:13 PM, Joseph M. Morgan
>>> <josephmmorgan@hotmail.com>    wrote:
>>>
>>>        
>>>> This is an Apache 2.2 server running within a VM on CentOS.
>>>>
>>>> Both the authn_basic_module and the authn_host_module are loaded.
>>>>
>>>> I have the following directive:
>>>>
>>>> <Directory "/var/www/html">
>>>>     Order deny,allow
>>>>     Deny from 221.192.0.0/14
>>>> </Directory>
>>>>
>>>> Yet, today I see in my access logs:
>>>>
>>>> 221.192.199.35 - - [12/Jul/2010:15:26:19 -500] -500] "GET
>>>> http://www.wantsfly.com/prx2.pho?hash=abbreviated HTTP/1.0" 404 ......
>>>>
>>>> Why didn't Apache block this?
>>>>
>>>>
>>>>
>>>>
>>>>          
>>> Are there other Deny/Allow blocks in your config that may be
>>> overriding this one? Does this request end up not being resolved to a
>>> on disk file, which would bypass the Directory block?
>>>
>>> Cheers
>>>
>>> Tom
>>>
>>>
>>>        
>> I have the<Files ~ "^\.ht">     and the directory "/var/www/cgi-bin"  as deny
>> from all but it makes no sense those would allow anything, would they?
>>
>> The directories "var/www/error" and "var/www/icons" are Allow from all
>>
>>
>> Are you hinting that I need to add a<Files>    with the deny??
>>
>>      
> <Directory>  and<Files>  blocks are applied when apache is planning to
> serve a file, which can be bypassed if it isn't strictly a file it is
> serving.
>
> For instance, proxying never ends up with apache looking at a file on
> disk, so with this config:
>
> DocumentRoot /var/empty
> <Directory /var/empty>
>    Order allow,deny
>    Deny from all
> </Directory>
> ProxyPass / http://app/
>
> requests would always be allowed - everything goes thru proxy, not the
> file system.
>
> If you change from the<Directory>  approach to the<Location>
> approach, does it then work correctly? IE, map out exclusions in URL
> space, not filesystem space.
>
> Cheers
>
> Tom
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See<URL:http://httpd.apache.org/userslist.html>  for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>     "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>    

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message