Apache: allow from url
In Apache (on Win xp), I have several allow from lines in httpd.conf, of the form
allow from <ip address>
I'd like to include a url, something like
allow from my.computer.com
where my.computer.com is being updated via dyndns (i'm behind a router). But when I tried this in Apache, it didn't work. Is there some way to do this?
If it makes any difference, it's hosting a .net web sevice ...
--Bill
allow from <ip address>
I'd like to include a url, something like
allow from my.computer.com
where my.computer.com is being updated via dyndns (i'm behind a router). But when I tried this in Apache, it didn't work. Is there some way to do this?
If it makes any difference, it's hosting a .net web sevice ...
--Bill
Last Comment
ASKER
How would user id / pw work with a webservice? That's what I need to access.
You have two options that I can think of.
1) Front end the web service with a server side script.
2) Program the security into the web service and let everything pass through to it.
However, I would assume that being a web service there should already be security built into it that should be prompting you for user-id and password.
Another option would be to get a static IP address for the remote side.
1) Front end the web service with a server side script.
2) Program the security into the web service and let everything pass through to it.
However, I would assume that being a web service there should already be security built into it that should be prompting you for user-id and password.
Another option would be to get a static IP address for the remote side.
can you use a domain instead, something like:
allow from computer.com
that will force apache to make a double DNS lookup for the IP (which might be a perfromance issue, obviously)
allow from computer.com
that will force apache to make a double DNS lookup for the IP (which might be a perfromance issue, obviously)
I didn't realize that you could allow domain names I knew you could block them, but never thought about using them on allows.
The domain name would need to match the the domain name on the PTR record for the IP address. This assumes there is a PTR record for the address, but this would allow every IP address that is within that defined domain.
The domain name would need to match the the domain name on the PTR record for the IP address. This assumes there is a PTR record for the address, but this would allow every IP address that is within that defined domain.
> .. but this would allow every IP address that is within that defined domain.
that's what the documentation says too:)
that's what the documentation says too:)
ASKER
I tried the allow from <domain name> (see original post) and it didn't seem to work ...
that's a pretty clear statement!
do you mind to give some details, or do you expect that every one has a crystal ball?
do you mind to give some details, or do you expect that every one has a crystal ball?
ASKER
Sorry, didn't intend to be snarky. I'm afraid I don't have any details to share. I added the line indicated and Apache seemed to ignore it. Did I miss an error message?
did you restart apache?
how about checking apache's error_log?
how about checking apache's error_log?
ASKER
Just restarted apache with the include from <url> and no error message.
> .. include from ..
you mean domain instead of url, do you?
> .. no error message.
you do not get any message in either acces_log nor error_log when you try to acces a resource protected with
deny from all
allow from computer.com
you mean domain instead of url, do you?
> .. no error message.
you do not get any message in either acces_log nor error_log when you try to acces a resource protected with
deny from all
allow from computer.com
ASKER
yes, i meant domain.
will check on the logs as you suggest
will check on the logs as you suggest
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
when i did the nslookup on the ip assigned by my servce provider, i got the message
;; got recursion not available from 192.168.1.254, trying next server
;; connection timed out, no servers could be reached
;; got recursion not available from 192.168.1.254, trying next server
;; connection timed out, no servers could be reached
Hopefull that is not the IP address assigned to you by your ISP. That is a private (RFC 1918) IP address, which is not allowed to be used on the public Internet. It is reserved for private internal networks.
Go here:
http://whatismyipaddress.com/
and it will tell you what your public IP address is.
Go here:
http://whatismyipaddress.com/
and it will tell you what your public IP address is.
> ;; connection timed out, no servers could be reached
you have not configured your DNS, you need to add a proper DNS server IP in /etc/resolve.conf first
you have not configured your DNS, you need to add a proper DNS server IP in /etc/resolve.conf first
ASKER
ok. i added one of verizon's dns servers, 151.197.0.38. Now the message is:
$ nslookup 74.167.140.150
Server: 151.197.0.38
Address: 151.197.0.38#53
** server can't find 150.140.167.74.in-addr.arp
does it matter what dns server i choose? if so, how do i go about identifying the right one?
$ nslookup 74.167.140.150
Server: 151.197.0.38
Address: 151.197.0.38#53
** server can't find 150.140.167.74.in-addr.arp
does it matter what dns server i choose? if so, how do i go about identifying the right one?
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
ok. so the fact that i'm using dyndns to associate a domain name with my ip does me no good, right?
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
ok, am checking on how userid/pw would work with a webservice ...
ASKER
I think my original question has been answered, so will close this. If I have a problem with userid/pw on webservice, will post new query. Thanks ...
Apache Web Server
The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.
21K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
What you might be able to do is create a small server side script using PHP that does a name lookup dynamically and then allows it.
However what I would suggest is that you use user-id and password to protect whatever it is you want to protect and then just allow it from everyplace.