httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Dunphy <bluethu...@gmail.com>
Subject Re: [users@httpd] apache 2.4 allow by IP
Date Thu, 19 Mar 2015 23:21:26 GMT
Hello Kees,

 Thanks for that suggestion. Not sure if I understood you correctly, but
this is what I tried:

#Mod_status config
    ExtendedStatus on

<VirtualHost *>
    ServerAdmin     webmaster@nbcuni.com
    DocumentRoot    /opt/apache2/htdocs/hcphp.nbc.com
    ServerName      hcphp.nbc.com
    ServerAlias     phphc.nbc.com 10.10.10.5  uszwsls00015la.dmz.tfayd.com
<Directory /*>
        AddHandler cgi-script .cgi
        Options -Indexes +FollowSymLinks +ExecCGI +Includes
        AllowOverride All
        Require all granted
</Directory>
     RewriteEngine On
     RewriteCond %{REQUEST_METHOD} ^TRACE
     RewriteRule .* - [F]
     ExpiresActive On
     ExpiresDefault "access plus 30 minutes"
<Location /server-status>
    SetHandler server-status
    Require ip 10.10.10.5
    #Require all granted
</Location>


 </VirtualHost>

But that didn't change my result:

[root@uszwsls00015la apache2]# GET http://$(hostname -i)/server-status
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
 <head>
  <title>Index of /</title>
 </head>
 <body>
<h1>Index of /</h1>
<ul><li><a href="healthcheck.php"> healthcheck.php</a></li>
</ul>
</body></html>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /server-status
on this server.<br />
</p>
</body></html>

And the same entry was added to the error log as before:

[Thu Mar 19 16:19:41.577437 2015] [authz_core:error] [pid 57932:tid
140005330646784] [client 10.10.10.5:30780] AH01630: client denied by server
configuration: /opt/apache2/htdocs/hcphp.nbc.com/server-status

Does anyeone have any other ideas? Would showing more of the config be
helpful?
Thanks
Tim


On Thu, Mar 19, 2015 at 6:59 PM, Kees Nuyt <k.nuyt@zonnet.nl> wrote:

> On Thu, 19 Mar 2015 16:26:28 -0400, you wrote:
>
> >This is what I'm seeing in the error logs:
> >
> >[Thu Mar 19 13:22:34.274686 2015] [authz_core:error] [pid 56979:tid
> >140005409228544] [client 216.178.108.232:63636] AH01630: client denied by
> >server configuration: /opt/apache2/htdocs/hcphp.nbc.com/server-status
> >
> >But that error seems to be referencing another VHOST:
> >
> >
> >#Mod_status config
> >    ExtendedStatus on
> ><Location /server-status>
> >    SetHandler server-status
> >    Require ip 10.10.10.5
> >    #Require all granted
> ></Location>
> >
> ><VirtualHost *>
> >    ServerAdmin     webmaster@somewhere.com
> >    DocumentRoot    /opt/apache2/htdocs/hcphp.nbc.com
> >    ServerName      hcphp.nbc.com
> >    ServerAlias     phphc.nbc.com 10.10.10.5
> uszwsls00015la.dmz.tfayd.com
> ><Directory /*>
> >        AddHandler cgi-script .cgi
> >        Options -Indexes +FollowSymLinks +ExecCGI +Includes
> >        AllowOverride All
> >        Require all granted
> ></Directory>
> >     RewriteEngine On
> >     RewriteCond %{REQUEST_METHOD} ^TRACE
> >     RewriteRule .* - [F]
> >     ExpiresActive On
> >     ExpiresDefault "access plus 30 minutes"
> > </VirtualHost>
> >
> >I'm still not sure why this is happening. Any help/clues would be
> >appreciated!
> >
> >Tim
>
> The first virtual host is the default servername.
> You could try to move the <Location ...> ... server-status ... </Location>
> block into that <VirtualHost ... ></VirtualHost> block.
>
> --
> Regards, Cordialement, Groet,
>
> Kees Nuyt
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

Mime
View raw message