Solved

<Directory> and .htaccess

Posted on 2004-09-28
7
328 Views
Last Modified: 2010-03-04
I'd like to allow access to a private directory on my server to ppl on my LAN but not to anyone in the real world.

Specifically, I want to allow access to 192.168.0.0/24 to /private

Here's a copy of the relevant lines from my conf file:

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

#
# House Access
#
<Directory /private>
    Order deny,allow
    Deny from all
    Allow from 192.168.0.0/24
</Directory>

However, when I use a lynx client on a remote server to view the specified folder, it displays the contents quite happily (well, the index file to be precise)

Any suggestions? I'm happy to use .htaccess but I don't want passwords - just IP checking

Running on Win32
0
Comment
Question by:basiclife
  • 3
  • 3
7 Comments
 
LVL 38

Accepted Solution

by:
yuzh earned 500 total points
ID: 12176466
Modify your </Directory> for /private

<Directory /path-to/private>
 AllowOverride All
    Options FollowSymlinks
        <Limit GET POST OPTIONS PROPFIND>
        Order allow,deny
        Allow from 192.168.0.0/24
    </Limit>
</Directory>
 
then restart apache

 please read:
http://httpd.apache.org/docs/mod/core.html#allowoverride
http://sniptools.com/vault/windows-apache-and-htaccess-authentication.htm
0
 
LVL 5

Author Comment

by:basiclife
ID: 12176514
I think the problem I'm having _is_ with the path

On the file system it's D:\Apache\private with d:\Apache being the Doc root  so it's /private when served. So what EXACTLY should the <DIRECTORY> tag be? Do I need to quote it? / isn't quoted but later on, a C:\Program Files... Is I'm guessing this is because of the space? Finally, I've seen both ' and " used to quote paths. Is there any funcitonal difference between them?

AllowOverride All - Is that letting .htaccess modify settings or letting <Directory> ?

And what does the LIMIT do?

BTW:- Thanks for the reference links. I'd managed to find most of the info already but a lot less concise.

Also, thanks for the quick reponse
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12176935
>>Do I need to quote it?
Yes
>>AllowOverride All - Is that letting .htaccess modify settings or letting <Directory> ?
Yes

>>And what does the LIMIT do?
The <Limit method> directive defines a block according to the HTTP method of the incoming request. Generally, it should not be used unless you really need it (for example, if you've implemented PUT and want to limit PUTs but not GETs), and we have not used it in site.authent. Unfortunately, Apache's online documentation encouraged its inappropriate use, so it is often found where it shouldn't be.

see: http://www.hk8.org/old_web/linux/apache/ch05_02.htm  (5.2.5) for more details

Also have a look at the following "Using .htaccess Files with Apache" (for Windows):
http://apache-server.com/tutorials/ATusing-htaccess.html
http:Q_20539697.html

To learn something about the PATH handling.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 5

Author Comment

by:basiclife
ID: 12179220
Thanks for all the help just one more question:

what should the opening directory statement look like?

<Directory ?????>


ie <Directory "/private"> or <Directory '/private'> or ???
0
 
LVL 19

Expert Comment

by:ramazanyich
ID: 12180488
You can use <Location> element instead of Directory.
So  use:
<Location /private>
...
</Location>
0
 
LVL 5

Author Comment

by:basiclife
ID: 12181752
Got it. And it works. Thanks!
0
 
LVL 38

Expert Comment

by:yuzh
ID: 12186285
Congratulations, you make it!

Cheers!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now