You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Issac Goldstand <ma...@beamartyr.net> on 2008/04/11 11:47:54 UTC
[OT] Re: Apache configuration question - restrict folder access to
local machine only
This really belongs on users@httpd, but having been asked already...
You could put it into a separate VirtualHost container, which listens on
127.0.0.1 Then you don't need to worry about Allow from to begin with.
Issac
John Zhang wrote:
> I have this question, and not sure if this is the
> right place. If not, I do appreciate someone pointing
> me to the right place.
>
> We have a situation that we would like to restrict the
> access to certain folders only to requests from the
> "local machine". Here is why:
> When a page is processed by our filter, the filter
> (based on page logic) may request pages (just like a
> regular web page request) that should never go to the
> browser. We put these pages in a folder. And would
> like to use apache config to restrict the access to
> only the "local machine". Here is the config
> <LocationMatch "/secrete-stuff/">
> Order Deny,Allow
> Deny from all
> Allow from 127.0.0.1
> #Allow from localhost
> </LocationMatch>
>
> The issue we face:
> When our filter issues the request, we use the
> hostname from the original request. eg, original
> request
> http://1.2.3.4/index.html
> our filter might issue
> http://1.2.3.4/something/secrete-stuff/server.js
>
> In order to make the above directive work, we will
> have to put the ip (1.2.3.4) in the Allow section.
> However, we are planning to deply many servers, it
> would be very hard for us to edit each config file.
> So we are wondering if there are anyway we can achieve
> the same result without make ip-specific changes.
>
> Thanks in advanvce for your help.
> John