Re: Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert <kdwoell@xxxxxxxxx>]

User from the Internet can see the 3rd vhost site now. The current access control directives are:

Order allow,deny

All from all

Now that Apache can route to the 3rd vhost block I edited the access controls to tighten things down and enable localhost access as:

Order deny,allow

Deny from all

Allow from [redacted public IP subnet] 127.

And it works great!

The issue was more complicated than it needed to be due to my lack of understanding of DNS routing integrated with Apache (using a public IP for the alias directive). Thanks to everyone for their help!

On Tue, Jun 25, 2013 at 2:05 PM, Kirk Woellert <kdwoell@xxxxxxxxx> wrote:

Starting to understand this better. Appending the public IP to the current list of alias names in httpd.conf works as you said (for me). 

ServerAlias [redacted alias] [redacted public IP]

Sent the link to a user- see what they say.

On Tue, Jun 25, 2013 at 1:31 PM, Eric Covener <covener@xxxxxxxxx> wrote:

On Tue, Jun 25, 2013 at 11:33 AM, Kirk Woellert <kdwoell@xxxxxxxxx> wrote:
> That worked. I edited the /etc/host file on the linux client with a public
> IP, and I can get access to the 3rd vhost. Finally, get back to the original
> issue which started all this.
>
> I need to be able expose the site to certain decision makers while its under
> development. Hence why I tried Order, Deny, Allow directives for a public
> IP. I can't edit their individual /etc/hosts files. Any other way to help
> Apache route to the 3rd vhost until I can get a FQDN?

Give them links with the IP address. Add the IP address as a ServerAlias.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

--
Kirk Woellert

Independent Consultant

Science & Technology Policy, Technical Services

cel 703-732-5339