Re: OT - httpd/conf.d include questions - allowing only some addresses





On 10/07/2014 09:32 AM, Valeri Galtsev wrote:
On Tue, October 7, 2014 8:06 am, Robert Moskowitz wrote:
My web searching is not finding out the answers to this, so I turn to
you all here.

I am trying to NOT modify my httpd/conf/httpd.conf file, and only make
changes via includes.  I have done that with a 00-init.conf where I set
things like servername and serveradmin.  Now I want to move my allow and
denies to a 01-allow.conf include.  I tried:

<Directory "/var/www/html">
      Order allow,deny
      deny from all
</Directory>

as that seems to be what is in the default conf, but I see in the
error_log:

[Tue Oct 07 08:51:58 2014] [error] [client 208.83.67.156] Directory
index forbidden by Options directive: /var/www/html/

For apache to automatically generate index, you need to have the following
directive:

   Options Indexes

If there is no such directive, and no index.html (or index.php, or
whichever you described as index in config), you will get that error. Read
the Apache documentation to see how settings for a directory affect
subdirectories.

Of course, if I am going to preempt the provided directory directive, I have to have all the needed content. So I tried:

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order deny,allow
    allow from 192.84.67.128/255.255.255.0
    deny from all
</Directory>

where the allowed address is not mine, and I still get the default access page. Almost like the content later in the default httpd.conf is overriding my include.


Or is it since I have no provided content, that default screen is coming from somewhere else...

No, I created a /var/www/html/index.html with only the line 'Hello World', and it gets displayed. So my deny,allow is not working...


Valeri

And maybe this is not the right restriction, because when I make this
change directly in the default httpd.conf, I still can get to the
default web page.

Now on to the 'allow' statement.  All syntax examples I have seen for it
follow:

allow from 1.1.1.0/24 1.1.2.0/24 2400:cb00:2048:1::/64

and so forth.  That is each range separated by a space.  But potentially
I have 18 ranges to specify, and at least named makes it easy with each
range on its own line ending with a ';'.  For now I am only putting 2
ranges in, but how does one set up a longer list of allowed ranges?

thanks

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
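
The Apache 2.2 `Order` evaluation this thread is working through, as an added Python example that is not part of the original messages: it models `allow,deny` and `deny,allow` for IP and `all` specs only, and assumes a later `<Directory>` block for the same path replaces an earlier block's access rules. The `STOCK` block contents and all function names are assumptions made for illustration.

```python
import ipaddress

def matches(specs, client):
    """True if client matches any 'from' spec: 'all' or an IP network."""
    addr = ipaddress.ip_address(client)
    for spec in specs:
        if spec.lower() == "all":
            return True
        # strict=False clears host bits, so .128/255.255.255.0 means .0/24
        net = ipaddress.ip_network(spec, strict=False)
        if addr.version == net.version and addr in net:
            return True
    return False

def allowed(block, client):
    """Apache 2.2 Order evaluation for a single <Directory> block."""
    a = matches(block["allow"], client)
    d = matches(block["deny"], client)
    if block["order"] == "allow,deny":
        return a and not d      # default deny, a Deny match wins
    if block["order"] == "deny,allow":
        return a or not d       # default allow, an Allow match wins
    raise ValueError("unknown Order: %r" % block["order"])

def effective(blocks, client):
    """Same-path sections in config order: the last block's rules replace
    the earlier ones (assumed override behaviour, no merging of lists)."""
    return allowed(blocks[-1], client)

# First attempt from the thread: nobody is admitted.
FIRST_TRY = {"order": "allow,deny", "allow": [], "deny": ["all"]}
# Second attempt from the thread (01-allow.conf).
INCLUDE = {"order": "deny,allow",
           "allow": ["192.84.67.128/255.255.255.0"], "deny": ["all"]}
# Assumed stock httpd.conf block; its contents are not shown in the thread.
STOCK = {"order": "allow,deny", "allow": ["all"], "deny": []}
# The three ranges from the question, one list entry per range.
MULTI = {"order": "deny,allow", "deny": ["all"],
         "allow": ["1.1.1.0/24", "1.1.2.0/24", "2400:cb00:2048:1::/64"]}

if __name__ == "__main__":
    client = "208.83.67.156"   # client address from the error_log line
    print("include alone:", allowed(INCLUDE, client))
    print("include then stock:", effective([INCLUDE, STOCK], client))
    print("stock then include:", effective([STOCK, INCLUDE], client))
```

Under these assumptions the posted block denies the logged client on its own, so a client still being served points at which block is evaluated last, not at the `Order` syntax.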



