I run apache on my home Fedora 7 system and have my ADSL router set up to allow access from the internet. It all works OK at the moment, I have the DocumentRoot set to be publically accessible and have a couple of sub-directories with restricted access for pages that I don't want to be visible to the outside world. These restricted areas are set up as follows:- <Directory /var/www/html/maxine> AllowOverride None Order Deny,Allow Deny from all Allow from 192.168.1 193.128.168.194 AuthType Basic AuthName "ISBD Home Server" AuthUserFile /etc/httpd/conf/passwd Require valid-user Satisfy Any </Directory> However I was wondering if other arrangements would be any more secure and/or easier to maintain. These are not hugely important documents or anything, just stuff I'd rather keep private like appointments and other bits and pieces of personal information. One obvious thing would be to reverse the logic and make the DocumentRoot have restricted access (as above) and then explicitly allow public access to one directory. I suspect this would be less prone to inadvertently allowing access to unintended places due to symbolic links etc. Are there any downsides to this approach (apart from requiring a slightly longer URL for anything with public access)? Another approach would be to use virtual domains (I can use sub-domains of a domain I own for this, my home machine is already accessed this way). Apart from the convenience of dedicated domains for the public and less-public areas does this offer any improvement (or otherwise) in security? Are there any other approaches possible? -- Chris Green -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list