[OT] Re: Apache configuration question - restrict folder access to local machine only

[Issac Goldstand <ma...@beamartyr.net>]

This really belongs on users@httpd, but having been asked already...

You could put it into a separate VirtualHost container, which listens on 
127.0.0.1  Then you don't need to worry about Allow from to begin with.

   Issac

John Zhang wrote:
> I have this question, and not sure if this is the
> right place.  If not, I do appreciate someone pointing
> me to the right place.
> 
> We have a situation that we would like to restrict the
> access to certain folders only to requests from the
> "local machine".  Here is why:
> When a page is processed by our filter, the filter
> (based on page logic) may request pages (just like a
> regular web page request) that should never go to the
> browser.  We put these pages in a folder.  And would
> like to use apache config to restrict the access to
> only the "local machine".  Here is the config
> <LocationMatch "/secrete-stuff/">
>     Order Deny,Allow
>     Deny from all
>     Allow from 127.0.0.1
>     #Allow from localhost
> </LocationMatch>
> 
> The issue we face:
>     When our filter issues the request, we use the
> hostname from the original request. eg, original
> request
> http://1.2.3.4/index.html
> our filter might issue
> http://1.2.3.4/something/secrete-stuff/server.js
> 
> In order to make the above directive work, we will
> have to put the ip (1.2.3.4) in the Allow section. 
> However, we are planning to deply many servers, it
> would be very hard for us to edit each config file. 
> So we are wondering if there are anyway we can achieve
> the same result without make ip-specific changes.
> 
> Thanks in advanvce for your help.
> John