Solved

<Directory> and .htaccess

Posted on 2004-09-28
7
331 Views
Last Modified: 2010-03-04
I'd like to allow access to a private directory on my server to ppl on my LAN but not to anyone in the real world.

Specifically, I want to allow access to 192.168.0.0/24 to /private

Here's a copy of the relevant lines from my conf file:

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

#
# House Access
#
<Directory /private>
    Order deny,allow
    Deny from all
    Allow from 192.168.0.0/24
</Directory>

However, when I use a lynx client on a remote server to view the specified folder, it displays the contents quite happily (well, the index file to be precise)

Any suggestions? I'm happy to use .htaccess but I don't want passwords - just IP checking

Running on Win32
0
Comment
Question by:basiclife
  • 3
  • 3
7 Comments
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 12176466
Modify your </Directory> for /private

<Directory /path-to/private>
 AllowOverride All
    Options FollowSymlinks
        <Limit GET POST OPTIONS PROPFIND>
        Order allow,deny
        Allow from 192.168.0.0/24
    </Limit>
</Directory>
 
then restart apache

 please read:
http://httpd.apache.org/docs/mod/core.html#allowoverride
http://sniptools.com/vault/windows-apache-and-htaccess-authentication.htm
0
 
LVL 5

Author Comment

by:basiclife
ID: 12176514
I think the problem I'm having _is_ with the path

On the file system it's D:\Apache\private with d:\Apache being the Doc root  so it's /private when served. So what EXACTLY should the <DIRECTORY> tag be? Do I need to quote it? / isn't quoted but later on, a C:\Program Files... Is I'm guessing this is because of the space? Finally, I've seen both ' and " used to quote paths. Is there any funcitonal difference between them?

AllowOverride All - Is that letting .htaccess modify settings or letting <Directory> ?

And what does the LIMIT do?

BTW:- Thanks for the reference links. I'd managed to find most of the info already but a lot less concise.

Also, thanks for the quick reponse
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12176935
>>Do I need to quote it?
Yes
>>AllowOverride All - Is that letting .htaccess modify settings or letting <Directory> ?
Yes

>>And what does the LIMIT do?
The <Limit method> directive defines a block according to the HTTP method of the incoming request. Generally, it should not be used unless you really need it (for example, if you've implemented PUT and want to limit PUTs but not GETs), and we have not used it in site.authent. Unfortunately, Apache's online documentation encouraged its inappropriate use, so it is often found where it shouldn't be.

see: http://www.hk8.org/old_web/linux/apache/ch05_02.htm  (5.2.5) for more details

Also have a look at the following "Using .htaccess Files with Apache" (for Windows):
http://apache-server.com/tutorials/ATusing-htaccess.html
http:Q_20539697.html

To learn something about the PATH handling.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 5

Author Comment

by:basiclife
ID: 12179220
Thanks for all the help just one more question:

what should the opening directory statement look like?

<Directory ?????>


ie <Directory "/private"> or <Directory '/private'> or ???
0
 
LVL 19

Expert Comment

by:ramazanyich
ID: 12180488
You can use <Location> element instead of Directory.
So  use:
<Location /private>
...
</Location>
0
 
LVL 5

Author Comment

by:basiclife
ID: 12181752
Got it. And it works. Thanks!
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12186285
Congratulations, you make it!

Cheers!
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Redirect from old domain to new domain 19 73
Xampp Not Stopping 9 41
Problem with .htaccess file 4 70
NGINX/Apache redirect on 403 and 404 5 89
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question