Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

<Directory> and .htaccess

Posted on 2004-09-28
7
Medium Priority
?
335 Views
Last Modified: 2010-03-04
I'd like to allow access to a private directory on my server to ppl on my LAN but not to anyone in the real world.

Specifically, I want to allow access to 192.168.0.0/24 to /private

Here's a copy of the relevant lines from my conf file:

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

#
# House Access
#
<Directory /private>
    Order deny,allow
    Deny from all
    Allow from 192.168.0.0/24
</Directory>

However, when I use a lynx client on a remote server to view the specified folder, it displays the contents quite happily (well, the index file to be precise)

Any suggestions? I'm happy to use .htaccess but I don't want passwords - just IP checking

Running on Win32
0
Comment
Question by:basiclife
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 38

Accepted Solution

by:
yuzh earned 2000 total points
ID: 12176466
Modify your </Directory> for /private

<Directory /path-to/private>
 AllowOverride All
    Options FollowSymlinks
        <Limit GET POST OPTIONS PROPFIND>
        Order allow,deny
        Allow from 192.168.0.0/24
    </Limit>
</Directory>
 
then restart apache

 please read:
http://httpd.apache.org/docs/mod/core.html#allowoverride
http://sniptools.com/vault/windows-apache-and-htaccess-authentication.htm
0
 
LVL 5

Author Comment

by:basiclife
ID: 12176514
I think the problem I'm having _is_ with the path

On the file system it's D:\Apache\private with d:\Apache being the Doc root  so it's /private when served. So what EXACTLY should the <DIRECTORY> tag be? Do I need to quote it? / isn't quoted but later on, a C:\Program Files... Is I'm guessing this is because of the space? Finally, I've seen both ' and " used to quote paths. Is there any funcitonal difference between them?

AllowOverride All - Is that letting .htaccess modify settings or letting <Directory> ?

And what does the LIMIT do?

BTW:- Thanks for the reference links. I'd managed to find most of the info already but a lot less concise.

Also, thanks for the quick reponse
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12176935
>>Do I need to quote it?
Yes
>>AllowOverride All - Is that letting .htaccess modify settings or letting <Directory> ?
Yes

>>And what does the LIMIT do?
The <Limit method> directive defines a block according to the HTTP method of the incoming request. Generally, it should not be used unless you really need it (for example, if you've implemented PUT and want to limit PUTs but not GETs), and we have not used it in site.authent. Unfortunately, Apache's online documentation encouraged its inappropriate use, so it is often found where it shouldn't be.

see: http://www.hk8.org/old_web/linux/apache/ch05_02.htm  (5.2.5) for more details

Also have a look at the following "Using .htaccess Files with Apache" (for Windows):
http://apache-server.com/tutorials/ATusing-htaccess.html
http:Q_20539697.html

To learn something about the PATH handling.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 5

Author Comment

by:basiclife
ID: 12179220
Thanks for all the help just one more question:

what should the opening directory statement look like?

<Directory ?????>


ie <Directory "/private"> or <Directory '/private'> or ???
0
 
LVL 19

Expert Comment

by:ramazanyich
ID: 12180488
You can use <Location> element instead of Directory.
So  use:
<Location /private>
...
</Location>
0
 
LVL 5

Author Comment

by:basiclife
ID: 12181752
Got it. And it works. Thanks!
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12186285
Congratulations, you make it!

Cheers!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question