On 10/10/05, Chris Pat <cpanon@xxxxxxxxx> wrote: > Hello > Is it possible to restrict contents of the htdocs > directory depending on where the uses is from? I want > to give localhost access and either block WAN side > access either totaly or directory by directory. I > believe it can be done by directory restriction if you > are using a domain name. I am not sure on access to > htdocs. This is the basic purpose of mod_access. Look up the docs for this module. Then do something like <Directory /path/to/document/root> Order Deny,Allow Deny from all Allow from localhost </Directory> > > Also this is my first time setting up Apache2.05x. Is > there a faq or some "must enable" to protect the > htdocs, from ddos, script attacks, remote access. Any > recommended faq on securing apache other than the > plethora adduced from a web search. tia. Unfortunately, there is no way to give a simple answer to this type of question. Googling for "apache security" will obviously get you several decent tutorials. But none will be comprehensive and cover everything you need to know. Part of the problem is that it is an extremely broad topic, and part of the problem is that it depends on exactly what type of stuff you are serving in what environment. If you feel you need a lot of help, there are also some decent books: http://opensource2.atlassian.com/confluence/oss/display/BOOKS/Books+about+Httpd Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|