> > > Jaap Cammeraat escreveu: >> Thx! >> And what is the best way... >> > > There's no best way .... there's the way that met your criterias. > > You have to arrange the http_access rules to met your criterias, > there's no hints or tips about that. That's just your criterias and > logical order of the rules. There are several bad ways though. With varying degrees of security. In general I advise an order that blocks first, allows later. Using the broadest criteria and fastest ACL types early and the fine tuning detail ones later. Things along the lines of: 1) block relaying of all external requests (if possible) 2) allowing local machines with unlimited access 3) general allow authentications 4) other specific complicated denials 5) other complicated allows 6) "deny all" Amos
