You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jason Brooks <ja...@eroi.com> on 2017/01/25 19:32:26 UTC
[users@httpd] directive not having any effect
Hello,
I am trying to lock out wp-admin.php to all but a whitelist of ip addresses.
<Files wp-login.php>
require ip www.xxx.yyy.zzz
</Files>
This is ubuntu 16.04 LTS running apache 2.4.18, and php-fpm.
The "require ip www.xxx.yyy.zzz” all by itself blocks access for everyone except for the ip address, so THAT part works.
Browser’s tested:
firefox with cache disabler enabled
chrome with cache killer enabled
Systems used to test:
one macbook air connected via my cell phone tether (verified not using the same ip)
one macbook pro connected via my wifi (and connecting via the listed ip address)
Here are the conditions I have tested:
I have tried this in both my virtualhost configuration as well as my .htaccess file:
I have tried this with and without quotes around “wp-login.php”
I have tried this using FilesMatch "^/wp-login.php.*”
Its as if it’s A) completely ignoring the Files directive, or B) somehow the filename doesn’t match.
What’s going on?
—jason
Jason Brooks Systems Administrator
eROI Performance is Art.
m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
t: 503.290.3105 f: 503.228.4249
fb: fb.com/eROI <http://www.facebook.com/eROI>
Re: [users@httpd] directive not having any effect
Posted by Jason Brooks <ja...@eroi.com>.
Hello Rainer,
Thanks for your suggestion: I checked, and apache appears to handle multiple leading slashes properly without having to specify the regex as “^/+wp-login.php.*”
And it appears to be consistent using safari, chrome, and firefox.
—jason
Jason Brooks Systems Administrator
eROI Performance is Art.
m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
t: 503.290.3105 f: 503.228.4249
fb: fb.com/eROI <http://www.facebook.com/eROI>
> On Jan 25, 2017, at 1:00 PM, Rainer Jung <ra...@kippdata.de> wrote:
>
> Am 25.01.2017 um 20:57 schrieb Jason Brooks:
>> Ok, that’s exactly what did it:
>>
>> I put in two locationmatches:
>>
>> one being:
>> <LocationMatch “^/wp-admin.*>
>>
>> and the other:
>> <LocationMatch “^/wp-login.php.*>
>>
>> Thank you for your fast response!
>
> What about multiple leading slashes, e.g. ///wp-login.php ?
>
> Check and if those are not yet covered use something like
>
> <LocationMatch “^/+wp-login.php.*>
>
> instead.
>
> Regards,
>
> Rainer
>
>>> On Jan 25, 2017, at 11:42 AM, Eric Covener <covener@gmail.com
>>> <ma...@gmail.com>> wrote:
>>>
>>> Yep
>>>
>>> On Wed, Jan 25, 2017 at 2:41 PM, Jason Brooks <jason.brooks@eroi.com
>>> <ma...@eroi.com>> wrote:
>>>
>>> Ah: I am using a proxypassmatch for *.php.
>>>
>>> Will <Location …> work?
>>>
>>> —jason
>>>
>>>
>>> Jason Brooks Systems Administrator
>>> eROI Performance is Art.
>>>
>>>
>>> m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
>>> t: 503.290.3105 <tel:(503)%20290-3105> f: 503.228.4249
>>> <tel:(503)%20228-4249>
>>>
>>>
>>> fb: fb.com/eROI <http://www.facebook.com/eROI>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>> On Jan 25, 2017, at 11:39 AM, Eric Covener <covener@gmail.com
>>>> <ma...@gmail.com>> wrote:
>>>>
>>>>
>>>> On Wed, Jan 25, 2017 at 2:32 PM, Jason Brooks
>>>> <jason.brooks@eroi.com <ma...@eroi.com>> wrote:
>>>>
>>>> What’s going on?
>>>>
>>>>
>>>> If it's proxied, <Files> won't match.
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Eric Covener
>>>> covener@gmail.com <ma...@gmail.com>
>>>
>>>
>>>
>>>
>>> --
>>> Eric Covener
>>> covener@gmail.com <ma...@gmail.com>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
Re: [users@httpd] directive not having any effect
Posted by Rainer Jung <ra...@kippdata.de>.
Am 25.01.2017 um 20:57 schrieb Jason Brooks:
> Ok, that\u2019s exactly what did it:
>
> I put in two locationmatches:
>
> one being:
> <LocationMatch \u201c^/wp-admin.*>
>
> and the other:
> <LocationMatch \u201c^/wp-login.php.*>
>
> Thank you for your fast response!
What about multiple leading slashes, e.g. ///wp-login.php ?
Check and if those are not yet covered use something like
<LocationMatch \u201c^/+wp-login.php.*>
instead.
Regards,
Rainer
>> On Jan 25, 2017, at 11:42 AM, Eric Covener <covener@gmail.com
>> <ma...@gmail.com>> wrote:
>>
>> Yep
>>
>> On Wed, Jan 25, 2017 at 2:41 PM, Jason Brooks <jason.brooks@eroi.com
>> <ma...@eroi.com>> wrote:
>>
>> Ah: I am using a proxypassmatch for *.php.
>>
>> Will <Location \u2026> work?
>>
>> \u2014jason
>>
>>
>> Jason Brooks Systems Administrator
>> eROI Performance is Art.
>>
>>
>> m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
>> t: 503.290.3105 <tel:(503)%20290-3105> f: 503.228.4249
>> <tel:(503)%20228-4249>
>>
>>
>> fb: fb.com/eROI <http://www.facebook.com/eROI>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>> On Jan 25, 2017, at 11:39 AM, Eric Covener <covener@gmail.com
>>> <ma...@gmail.com>> wrote:
>>>
>>>
>>> On Wed, Jan 25, 2017 at 2:32 PM, Jason Brooks
>>> <jason.brooks@eroi.com <ma...@eroi.com>> wrote:
>>>
>>> What\u2019s going on?
>>>
>>>
>>> \u200bIf it's proxied, <Files> won't match.
>>> \u200b
>>>
>>>
>>>
>>> --
>>> Eric Covener
>>> covener@gmail.com <ma...@gmail.com>
>>
>>
>>
>>
>> --
>> Eric Covener
>> covener@gmail.com <ma...@gmail.com>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] directive not having any effect
Posted by Jason Brooks <ja...@eroi.com>.
Ok, that’s exactly what did it:
I put in two locationmatches:
one being:
<LocationMatch “^/wp-admin.*>
and the other:
<LocationMatch “^/wp-login.php.*>
Thank you for your fast response!
—jason
Jason Brooks Systems Administrator
eROI Performance is Art.
m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
t: 503.290.3105 f: 503.228.4249
fb: fb.com/eROI <http://www.facebook.com/eROI>
> On Jan 25, 2017, at 11:42 AM, Eric Covener <co...@gmail.com> wrote:
>
> Yep
>
> On Wed, Jan 25, 2017 at 2:41 PM, Jason Brooks <jason.brooks@eroi.com <ma...@eroi.com>> wrote:
> Ah: I am using a proxypassmatch for *.php.
>
> Will <Location …> work?
>
> —jason
>
>
> Jason Brooks Systems Administrator
> eROI Performance is Art.
>
> m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
> t: 503.290.3105 <tel:(503)%20290-3105> f: 503.228.4249 <tel:(503)%20228-4249>
>
>
> fb: fb.com/eROI <http://www.facebook.com/eROI>
>
>
>
>
>
>
>
>
>> On Jan 25, 2017, at 11:39 AM, Eric Covener <covener@gmail.com <ma...@gmail.com>> wrote:
>>
>>
>> On Wed, Jan 25, 2017 at 2:32 PM, Jason Brooks <jason.brooks@eroi.com <ma...@eroi.com>> wrote:
>> What’s going on?
>>
>> If it's proxied, <Files> won't match.
>>
>>
>>
>>
>> --
>> Eric Covener
>> covener@gmail.com <ma...@gmail.com>
>
>
>
> --
> Eric Covener
> covener@gmail.com <ma...@gmail.com>
Re: [users@httpd] directive not having any effect
Posted by Eric Covener <co...@gmail.com>.
Yep
On Wed, Jan 25, 2017 at 2:41 PM, Jason Brooks <ja...@eroi.com> wrote:
> Ah: I am using a proxypassmatch for *.php.
>
> Will <Location …> work?
>
> —jason
>
>
> Jason Brooks Systems Administrator
> eROI Performance is Art.
>
> m: 505 nw couch #300 w: eroi.com
> t: 503.290.3105 <(503)%20290-3105> f: 503.228.4249 <(503)%20228-4249>
>
>
> fb: fb.com/eROI <http://www.facebook.com/eROI>
>
>
>
>
>
>
>
>
> On Jan 25, 2017, at 11:39 AM, Eric Covener <co...@gmail.com> wrote:
>
>
> On Wed, Jan 25, 2017 at 2:32 PM, Jason Brooks <ja...@eroi.com>
> wrote:
>
>> What’s going on?
>>
>
> If it's proxied, <Files> won't match.
>
>
>
>
> --
> Eric Covener
> covener@gmail.com
>
>
>
--
Eric Covener
covener@gmail.com
Re: [users@httpd] directive not having any effect
Posted by Jason Brooks <ja...@eroi.com>.
Ah: I am using a proxypassmatch for *.php.
Will <Location …> work?
—jason
Jason Brooks Systems Administrator
eROI Performance is Art.
m: 505 nw couch #300 w: eroi.com <http://eroi.com/>
t: 503.290.3105 f: 503.228.4249
fb: fb.com/eROI <http://www.facebook.com/eROI>
> On Jan 25, 2017, at 11:39 AM, Eric Covener <co...@gmail.com> wrote:
>
>
> On Wed, Jan 25, 2017 at 2:32 PM, Jason Brooks <jason.brooks@eroi.com <ma...@eroi.com>> wrote:
> What’s going on?
>
> If it's proxied, <Files> won't match.
>
>
>
>
> --
> Eric Covener
> covener@gmail.com <ma...@gmail.com>
Re: [users@httpd] directive not having any effect
Posted by Eric Covener <co...@gmail.com>.
On Wed, Jan 25, 2017 at 2:32 PM, Jason Brooks <ja...@eroi.com> wrote:
> What’s going on?
>
If it's proxied, <Files> won't match.
--
Eric Covener
covener@gmail.com