On 12/7/06, Ara.T.Howard <ara.t.howard@xxxxxxxx> wrote:
does this make sense? i'm sure that is based on a mis-understanding on my part about Order/Allow/Deny, but i'm sure what i'm trying to do should be possible solely from this .htaccess file. thoughts?
You should include an Order Allow,Deny Directive.
ps. any thoughts on why 'Allow from x.x.x.x' uses REMOTE_ADDR and not HTTP_CLIENT_IP?
Because HTTP_CLIENT_IP is completely non-standard and could be trivially manipulated by the client in most circumstances? There used to be a module out there that takes the more-standard X-Forwarded-For and shoves it into the internal apache structure that sets REMOTE_ADDR. You could write a module to do the same with Client-IP if you want. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|