You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by m....@student.utwente.nl on 2007/09/21 13:01:13 UTC
[users@httpd] mod_access problem
Hi,
When I use the mod_access directives to limit access to certain files or
commands, they just seem to be ignored. For example, to disable
downloading of .htaccess and .htpasswd files I use the (almost) standard
rules of:
--- example ---
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
--- /example ---
As far as I know this should disallow anyone (including users logging in
through HTTP AUTH) to open the .ht* files. But if I try to download
them, they can be opened.
The same problem goes for any other access limiting based on IP.
--- server info (first part of mod_info) ---
Apache Server Information
Server Settings, mod_dav_fs.c, mod_dav.c, mod_suexec.c,
mod_rewrite.c,
mod_python.c, mod_perl.c, mod_php5.c, mod_ssl.c, mod_info.c,
mod_userdir.c, mod_status.c, mod_setenvif.c,
mod_negotiation.c,
mod_mime.c, mod_log_config.c, mod_include.c, mod_expires.c,
mod_env.c, mod_dir.c, mod_cgi.c, mod_autoindex.c,
mod_auth_dbm.c, mod_auth.c, mod_alias.c, mod_actions.c,
mod_access.c, mod_so.c, http_core.c, prefork.c, core.c
Server Version: Apache/2.0.53 (Linux/SUSE)
Server Built: Aug 30 2006 13:14:23
API Version: 20020903:9
--- /server info (first part of mod_info) ---
I'm running Suse 9.3 and don't want to change OS or upgrade to a newer
version (of the OS as well as Apache), so I hope someone can find a
solution without having to do this.
Thanks in advance,
Mark
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Making way through firewall
Posted by Ge...@gta-travel.com.
Hi Dimitry,
That sounds more like a firewall related question than apache. You
probably want to configure natting on your firewall or just open up port
80 on the firewall, and then making sure that your apache configuration
security wise is up to scratch.
Regards
> -----Original Message-----
> From: DimitryASuplatov [mailto:genesup@gmail.com]
> Sent: 21 September 2007 13:09
> To: users@httpd.apache.org
> Subject: [users@httpd] Making way through firewall
>
> Hello
> I want to install apache on my computer. The problem is that
> I cannot directly connect to my computer from outdoors of my
> facility. I have full control over my computer and user
> password for cental firewall computer. But I do not want to
> do the tunneling through firewall computer. I want a direct
> connection.
> The question is, could I somehow configure apache on my
> computer to make it run through firewall computer. In other
> words I want to use something like this <firewall computer
> ip>:<some port> for my site adress. It that possible.
> Thanks.
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Making way through firewall
Posted by DimitryASuplatov <ge...@gmail.com>.
Hello
I want to install apache on my computer. The problem is that I cannot
directly connect to my computer from outdoors of my facility. I have
full control over my computer and user password for cental firewall
computer. But I do not want to do the tunneling through firewall
computer. I want a direct connection.
The question is, could I somehow configure apache on my computer to make
it run through firewall computer. In other words I want to use something
like this <firewall computer ip>:<some port> for my site adress. It that
possible.
Thanks.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] mod_access problem
Posted by m....@student.utwente.nl.
> -----Original Message-----
> From: jslive@gmail.com [mailto:jslive@gmail.com] On Behalf Of Joshua
> Slive
> Sent: vrijdag 21 september 2007 15:09
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] mod_access problem
>
> On 9/21/07, m.a.m.vanbeek@student.utwente.nl
> <m....@student.utwente.nl> wrote:
> > Hi,
> >
> > When I use the mod_access directives to limit access to certain
files
> or
> > commands, they just seem to be ignored. For example, to disable
> > downloading of .htaccess and .htpasswd files I use the (almost)
> standard
> > rules of:
> >
> > --- example ---
> > <Files ~ "^\.ht">
> > Order allow,deny
> > Deny from all
> > Satisfy all
> > </Files>
> > --- /example ---
> >
> > As far as I know this should disallow anyone (including users
logging
> in
> > through HTTP AUTH) to open the .ht* files. But if I try to download
> > them, they can be opened.
> > The same problem goes for any other access limiting based on IP.
>
> Start by reading this:
> http://httpd.apache.org/docs/2.2/sections.html#mergin
>
> It may be that you have other access-control directives in a
> <Location> section that are overriding your <Files> section.
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
Hi,
Found the problem, a long time ago, some punk was abusing a forum I
hosted and I (stupidly) created a <Location /> with his IP as deny and
allow from all, not knowing this would override the other access
restrictions.
Thanks,
Mark
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] mod_access problem
Posted by Joshua Slive <jo...@slive.ca>.
On 9/21/07, m.a.m.vanbeek@student.utwente.nl
<m....@student.utwente.nl> wrote:
> Hi,
>
> When I use the mod_access directives to limit access to certain files or
> commands, they just seem to be ignored. For example, to disable
> downloading of .htaccess and .htpasswd files I use the (almost) standard
> rules of:
>
> --- example ---
> <Files ~ "^\.ht">
> Order allow,deny
> Deny from all
> Satisfy all
> </Files>
> --- /example ---
>
> As far as I know this should disallow anyone (including users logging in
> through HTTP AUTH) to open the .ht* files. But if I try to download
> them, they can be opened.
> The same problem goes for any other access limiting based on IP.
Start by reading this:
http://httpd.apache.org/docs/2.2/sections.html#mergin
It may be that you have other access-control directives in a
<Location> section that are overriding your <Files> section.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org