You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Andrew Hall <an...@gmail.com> on 2008/09/04 11:43:35 UTC

[users@httpd] Indexes and Authentication

Hi there.

I'd like to allow directory indexes for certain clients but not for others.

Specifically to allow our internal network to view them but external
connections to be refused.

Is there some way to wrap Options [+-]Indexes within Authentication by
IP address ?

Thanks very much.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Indexes and Authentication

Posted by Staf Wagemakers <st...@gmail.com>.

On Thu, Sep 4, 2008 at 9:47 PM, Justin Pasher
<ju...@newmediagateway.com> wrote:
> Andrew Hall wrote:
>>
>> Hi there.
>>
>> I'd like to allow directory indexes for certain clients but not for
>> others.
>>
>> Specifically to allow our internal network to view them but external
>> connections to be refused.
>>
>> Is there some way to wrap Options [+-]Indexes within Authentication by
>> IP address ?
>>
>> Thanks very much.
>>
>
> I don't think you're going to be able to do this, as the Options directive
> can only be changed within a "container" context (e.g. global config,
> <VirtualHost>, <Directory>, .htaccess). Since the Allow from/Deny from
> directives are not container objects, you can't wrap the Options directive
> inside of them. A solution I have used in the past to emulate this behavior
> is to create an index files written in a programming language like PHP or
> Perl and have that page generate the index listing instead of Apache. This
> allows you to put any security checks you like on the directory index
> generation.
>
> Justin Pasher
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

It should be to use the <location> directive for this...

e.g.

<location  /index.html>
                 Order Deny,Allow
                 Deny from all

                 Allow from xxx.xxx.xxx.xxx

</location>

hope this helps,

-- 
Staf Wagemakers - http://www.wagemakers.be

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Indexes and Authentication

Posted by Justin Pasher <ju...@newmediagateway.com>.

Andrew Hall wrote:
> Hi there.
>
> I'd like to allow directory indexes for certain clients but not for others.
>
> Specifically to allow our internal network to view them but external
> connections to be refused.
>
> Is there some way to wrap Options [+-]Indexes within Authentication by
> IP address ?
>
> Thanks very much.
>   

I don't think you're going to be able to do this, as the Options 
directive can only be changed within a "container" context (e.g. global 
config, <VirtualHost>, <Directory>, .htaccess). Since the Allow 
from/Deny from directives are not container objects, you can't wrap the 
Options directive inside of them. A solution I have used in the past to 
emulate this behavior is to create an index files written in a 
programming language like PHP or Perl and have that page generate the 
index listing instead of Apache. This allows you to put any security 
checks you like on the directory index generation.

Justin Pasher

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org