Stas,
Here's a little report to answer your questions below about my error_log:
With:
<Location /public>
PerlAccessHandler 'sub {\
return Apache::Const::FORBIDDEN\
unless
shift->connection->remote_ip=~m/^\Q10.3.4./;\
}'
</Location>
In my httpd.conf, then:
[root@ps-114a-2k apache2]$bin/apachectl graceful
[root@ps-114a-2k apache2]$tail logs/error_log
[Sat Jul 03 16:48:48 2004] [notice] Graceful restart requested, doing restart
[Sat Jul 03 16:48:50 2004] [notice] Digest: generating secret for digest
authentication ...
[Sat Jul 03 16:48:50 2004] [notice] Digest: done
[Sat Jul 03 16:48:50 2004] [notice] Apache/2.0.49 (Unix) mod_perl/1.99_14
Perl/v5.8.4 mod_ssl/2.0.49 OpenSSL/0.9.7d DAV/2 configured -- resuming
normal operations
After this, I am able to access /public and there is no further action in
error_log.
Changing to this in httpd.conf:
<Location /public>
PerlAccessHandler 'sub {\
return Apache::FORBIDDEN\
unless
shift->connection->remote_ip=~m/^\Q10.3.4./;\
}'
</Location>
All works as expected.
Commenting this in my httpd.conf:
#PerlModule Apache::compat
Then:
[root@ps-114a-2k apache2]$bin/apachectl graceful
[Sat Jul 03 16:55:26 2004] [notice] Graceful restart requested, doing restart
[Sat Jul 03 16:55:28 2004] [notice] Digest: generating secret for digest
authentication ...
[Sat Jul 03 16:55:28 2004] [notice] Digest: done
[Sat Jul 03 16:55:28 2004] [notice] Apache/2.0.49 (Unix) mod_perl/1.99_14
Perl/v5.8.4 mod_ssl/2.0.49 OpenSSL/0.9.7d DAV/2 configured -- resuming
normal operations
And I am still blocked when I try to access /public.
At 04:33 PM 7/3/04 -0700, Stas Bekman wrote:
>[David, don't forget to hit reply-all]
>
>> Thanks. Line continuation!
>>
>> I now have this in my httpd.conf:
>>
>> <Location /public>
>> PerlAccessHandler 'sub {\
>> return Apache::Const::FORBIDDEN\
>> unless
>> shift->connection->remote_ip=~m/^\Q10.3.4./;\
>> }'
>> </Location>
>>
>> Hmmm.... I'm reading this and it seems to me that this should deny access
>> to anyone trying to access a file in the /public folder unless they are
>> coming from a remote address that starts with 10.3.4. But it seems to let
>> me in coming from 127.0.0.1.
>>
>> Am I missing something here?
>
>Your code is broken, there is no Apache::Const::FORBIDDEN, but
>Apache::FORBIDDEN. You also need to compile it before you can use it. Take a
>look at:
>http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAccessHandler
>
>did you look at the error_log file, was there anything in it?
>
>add 'use warnings/use strict' or PerlOptions -w (and -T) if you don't have
>already.
>
>--
>__________________________________________________________________
>Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
>http://stason.org/ mod_perl Guide ---> http://perl.apache.org
>mailto:stas@stason.org http://use.perl.org http://apacheweek.com
>http://modperlbook.org http://apache.org http://ticketmaster.com
>
>
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
|