Re: [users@httpd] deny from all is needed?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This can be quite confusing for newbies. I have only 
recently got my head around it. I think the connect bug 
workaround also added confusion to this for me.

The default state for 

Order deny,allow

is to allow from all as Alfred has already mentioned.

To deny from all without a Deny from all directive is
Order allow,deny

IMO if you can stick to one variant of the directive 
ordering in your configuration, you will save yourself some 
confusion.

<Directory "/var/www/manual">
  Order deny,allow
  Allow from 10.254.0.0/24
</Directory>

This is redundant and has the same effect as just saying:

<Directory "/var/www/manual">
  Order deny,allow
</Directory>

which allows everyone in.

To not use the deny from all directive, you would need to 
do:

<Directory "/var/www/manual">
  Order allow,deny
</Directory>

Which would block access to everyone.

<Directory "/var/www/manual">
  Order allow,deny
  Allow from 10.254.0.0/24
</Directory>

Would then allow access to the LAN network range mentioned.

Using 

<Directory "/var/www/manual">
  Order deny,allow
  Deny from all
  Allow from 10.254.0.0/24
</Directory>

Is another line to type, but reminds oneself that you are 
actually denying access to everyone, and then only allowing
people on that LAN in.


HTH

Keith

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux