On Wed, 9 Mar 2005, Joshua Slive wrote: > On Wed, 09 Mar 2005 09:42:31 -0800, Robin Lynn Frank > > What we need to do is deny access to the entire site based on IP and/or > > CIDR. How and where would this best be done? URLs with examples would > > be most welcome. TIA > > <Location /> > Order allow,deny > Allow from all > Deny from 123.456.789 > </Location> You propably want to make that Deny from 123.456.789.0/24 as to avoid confusion; esp. when you have multiple platforms in your organization and/or you move CIDRs between (non) apache applictions. The reason for this is that 10.1 as an addess actually stands for 10.0.0.1 and not the 10.1.0.0 one expect (see inet(4)) when it is a network notation. Always saying 10.1.0.0/32 or 10.1.0.0/16 makes this perfectly clear and portable between BSD, SVR4 and (non) apache app's. Dw --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|