Hello,
I am wanting to restrict a subdirectory of a website to a single, maybe
two, IP addresses.
I will refer to this documentation:
httpd.apache.org/docs/current/howto/access.html
under the section "Access control by host".
This document suggests that 'Allow', 'Order', and 'Deny' are deprecated,
so I am avoiding using these going forwards. It decided to exercise this
restriction with mod_authz_host. I verified that authz_core_module,
authz_host_module, authz_user_module are enabled.
I added these lines inside the <VirtualHost *:443> block:
<Directory /var/www/html/graphs>
Require ip 192.168.40.80
</Directory>
But a test revealed I was able to wget graphs/test.html on a different
machine (192.168.40.81).
I've only read the documentation. Practically every non-Apache website
still uses Order-Allow-Deny methodologies, so it's still not clear how
this is actually done in practice. Why did this not work?
Thanks, Timothy D Legg
------------------------------------------------------------ ---------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|