Apache - VH SYNTAX 2.4

Hi Experts,

I upgraded Apache 2.2 to 2.4, used as a proxy.

Here an example for one VH :

<VirtualHost *:80>
        Servername apps-dev.contoso.com

        <Location />
                Order Deny,Allow
                Include conf-ip/allowed-ip-contoso.conf
        </Location>

        ProxyPass / http://10.0.0.50:8091/
        ProxyPassReverse / http://10.0.0.50:8091/
</VirtualHost>

Open in new window


How to have the correct syntax with the "require" command?  

I tried Required ip... but not working.
How can we replace "Include conf-ip/allowed-ip-contoso.conf" with the correct syntax?
I tried Required ip conf-ip/allowed-ip-contoso.conf... but not working.

EDIT1 : Include working! But the problem come from the allowed-ip-contoso.conf :

Order deny,allow

Deny from all


#############################  
## ALLOW IP ##
#############################  
Allow from 172.17.17.0/24
Allow from 13.108.0.0/14
Allow from 96.43.144.0/20
Allow from 136.146.0.0/15
Allow from 204.14.232.0/21


What is the correct syntax for 2.4?

Thank you
CLR BenjaminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
There is a syntax change.

The following is what I use for sites...

      DocumentRoot /sites/$project/$site/wordpress

      <Directory /sites/$project/$site/wordpress>
          Options +Indexes +FollowSymLinks
          AllowOverride All 
          Require all granted
      </Directory>

Open in new window


Note: If your proxy is FPM to run PHP, most distros take care of this for you with a /etc/apache2/conf-enabled/php7.3-fpm.conf file or something similar.

Be sure to check, because if your Distro packaging also contains proxy stanzas, then the duplication in your site config file will conflict with packaging config file.
CLR BenjaminAuthor Commented:
Thanks for your answer, I don't know if I understand what you said.

I just need to allow 192.168.0.0/16 172.19.0.0/16 to access the site.

I tried in the allowed_ip.conf :

<RequireAll>
    Require all denied
    Require ip 192.168.0.0/16
    Require ip 172.19.0.0/16
</RequireAll>

And it's not working.
Which module should be run on the server?
CLR BenjaminAuthor Commented:
It seems that the "Require IP" not working at all...
I have this error when I put require IP XXX.XXX.XXX.XXX :
Forbidden You don't have permission to access / on this server.

Open in new window


When I put Require all granted, the site is opened everywhere...
Maybe I have something wrong on my configuration.

Tell me if you need logs.
CLR BenjaminAuthor Commented:
I created a fresh new server and now it works!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix

From novice to tech pro — start learning today.