Re: .htaccess for script aliased directories SOLVED!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I think the following mod_access settings is the one that makes me safe in this particular setup: 

       Order deny,allow
       deny from all
       allow from 216.130.212
       allow from 216.130.209
       allow from 216.130.213
       Satisfy any
----- Original Message ----- From: <matt.farey@xxxxxxxxx> 
To: <users@xxxxxxxxxxxxxxxx>
Sent: Friday, April 25, 2008 5:06 PM
Subject: Re:  .htaccess for script aliased directories SOLVED!



You definately need to remove the limit clause
That clause iat best s meaningless given your previous post, and if the config changes elsewhere your server or data would be at risk. You probably have a server wide limitexcept clause which bans the other verbs or some other permissions lock down, but just to be clear the limit clause is NOT what youi want ;) 
Sent from my BlackBerry?wireless device

-----Original Message-----
From: Pam Astor <pamastor@xxxxxxxxxxx>

Date: Fri, 25 Apr 2008 17:00:35
To:<users@xxxxxxxxxxxxxxxx>
Subject: RE: .htaccess for script aliased directories SOLVED! 

Thanks so much Danie!?
?
I think the problem was the fact that I was not using double quotes
for my path in the <Directory> Tag.?I saw your earlier post - noticed you had them, added them in, and set the path again to the script aliased path and it worked fine.? 
?
I was able to get it working with this simple tag:
?
<Directory "usr/local/awstats/wwwroot/cgi-bin">
AuthName "MembersOnly"
AuthType Basic
AuthUserFile "/home/userdir/htpasswd"
Require user coder
AllowOverride AuthConfig
</Directory>
?
I had a hunch it was something simple.?Thanks so much!
?
?
?
I just setup awstats a few weeks ago and this setting works for me in the <VirtualHost>: 
?

????Alias /awstatsclasses "/usr/local/awstats/wwwroot/classes/"
????Alias /awstatscss "/usr/local/awstats/wwwroot/css/"
????Alias /icon "/usr/local/awstats/wwwroot/icon/"
????ScriptAlias /awstats/ "/usr/local/awstats/wwwroot/cgi-bin/"
????#
????# This is to permit URL access to scripts/files in AWStats directory. 
????#
????<Directory "/usr/local/awstats/wwwroot">
????Options None
????AllowOverride None
????Order allow,deny
????Allow from all
????</Directory>
?
????<Directory "/usr/local/awstats/wwwroot/cgi-bin">
????AuthUserFile "/usr/local/awstats/wwwroot/mypasswordfile"
????AuthName "Awstats"
????AuthType Basic
????<Limit GET POST>
????????require valid-user
????</Limit>
????Options None
????AllowOverride AuthConfig
????Order deny,allow
????deny from all
????allow from 216.130.212
????allow from 216.130.209
????allow from 216.130.213
????Satisfy any
????</Directory>skill meets World Series. Get in the game. <http://club.live.com/word_slugger.aspx?icid=word_slugger_wlhm_admod_april08> 

----------------
Express yourself wherever you are. Mobilize! 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux