You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2012/04/13 01:34:13 UTC
DO NOT REPLY [Bug 53069] New: "Require not ip" generates error
https://issues.apache.org/bugzilla/show_bug.cgi?id=53069
Bug #: 53069
Summary: "Require not ip" generates error
Product: Apache httpd-2
Version: 2.4.1
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_authz_core
AssignedTo: bugs@httpd.apache.org
ReportedBy: david@hostelz.com
Classification: Unclassified
According to the docs http://httpd.apache.org/docs/2.4/howto/access.html the
way to block in IP address is like this:
Require not ip 10.252.46.165
But that always generates this server error:
.htaccess: negative Require directive has no effect in <RequireAny> directive
No, I'm not using a <RequireAny> directive anywhere in the .htaccess file or
even anywhere in my Apache configuration file.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 53069] "Require not ip" generates error
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53069
--- Comment #1 from orrd101@yahoo.com 2012-04-13 22:42:17 UTC ---
Thanks to someone who replied in a support forum, this is apparently the
correct usage:
<Directory xxxxx/>
<RequireAll>
Require all granted
Require not ip 10.252.46.165
</RequireAll>
</Directory>
I recommend that the documentation page at
http://httpd.apache.org/docs/2.4/howto/access.html and the error message
"negative Require directive has no effect in <RequireAny> directive" should be
changed to make this more clear for other users. The information on the
documentation page and in the error message are both misleading.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 53069] "Require not ip" generates error
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53069
Daniel Gruno <hu...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|mod_authz_core |Documentation
Hardware|PC |All
Version|2.4.1 |2.5-HEAD
OS|Linux |All
--- Comment #2 from Daniel Gruno <hu...@apache.org> ---
Moving to docs@ ownership
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 53069] "Require not ip" generates error
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=53069
Daniel Gruno <hu...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #3 from Daniel Gruno <hu...@apache.org> ---
Although this is actually covered in
http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#require, I have made
some changes to the access howto to emphasize that a negation cannot stand on
its own.
As for the RequireAny block, it is always implied when you do not specify an
evaluation method yourself, and is covered in the mod_authz_core documentation,
and I quote: "When multiple Require directives are used in a single
configuration section and are not contained in another authorization directive
like <RequireAll>, they are implicitly contained within a <RequireAny>
directive."
--
You are receiving this mail because:
You are the assignee for the bug.