You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Hugh Williams <hu...@soco.agilent.com> on 2002/03/07 20:38:26 UTC
access directives being ignored
Hi;
I hate when something obvious is obviously escaping me...I cannot get the
allow/deny behavior from within an .htaccess file to perform as advertised.
Configuration info:
HP-UX (10.20)
apache 1.3.22
"httpd -l | grep access" returns 'mod_access.c', so it's definitely there
Portions of httpd.conf - I've opened this up pretty wide, but it's a
testing server:
###############################
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /users/webdevel/apache/htdocs>
Options Indexes FollowSymLinks Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<DirectoryMatch "/opt/apache/htdocs/org/.*">
AllowOverride AuthConfig Limit
Options Indexes FollowSymLinks Includes
Order deny,allow
Allow from all
</DirectoryMatch>
<DirectoryMatch "/users/webdevel/apache/htdocs/org/.*">
AllowOverride AuthConfig Limit
Options Indexes FollowSymLinks Includes
Order deny,allow
Allow from all
</DirectoryMatch>
AccessFileName .htaccess
###############################
OK, so here's the .htaccess file located in
/opt/apache/htdocs/org/testme/
###############################
Order deny,allow
Deny from all
Deny from 141.121.49.4
Allow from 121.141.48.22
###############################
My workstation's IP is 141.121.49.4, and I am not using a proxy; the access
log shows this IP as reading the page and getting a '200' return code:
141.121.49.4 - - [07/Mar/2002:11:36:10 -0800] "GET /org/testme/ HTTP/1.0" 200 730
And the server allows me to view this directory :-(
I've tested the .htaccess functionality:
- bad grammar is detected and generates a 500 error
- adding "AuthType/require" options perform as expected (I know this is a
different module also)
- changing the "Order" to 'allow,deny' has no effect
- changing the "Deny from" entries to hostnames, domain names, and
partial domain names has no effect.
What am I missing!?!?!?
Thanks,
hugh
--
Hugh Williams "Rome did not create a great empire by
hugh_williams@agilent.com having meetings...they did it by
Agilent Technologies killing all those who opposed them."
Santa Rosa 2LS-R
(707)-577-4941
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org