You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Hugh Williams <hu...@soco.agilent.com> on 2002/03/07 20:38:26 UTC

access directives being ignored

Hi;

I hate when something obvious is obviously escaping me...I cannot get the
allow/deny behavior from within an .htaccess file to perform as advertised.

Configuration info:

HP-UX (10.20)
apache 1.3.22
"httpd -l | grep access"  returns 'mod_access.c', so it's definitely there

Portions of httpd.conf - I've opened this up pretty wide, but it's a
testing server:

###############################
<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>

<Directory /users/webdevel/apache/htdocs>
   Options Indexes FollowSymLinks Includes
   AllowOverride All
   Order allow,deny
   Allow from all
</Directory>

<DirectoryMatch "/opt/apache/htdocs/org/.*">
    AllowOverride AuthConfig Limit
    Options Indexes FollowSymLinks Includes
    Order deny,allow
    Allow from all
</DirectoryMatch>

<DirectoryMatch "/users/webdevel/apache/htdocs/org/.*">
    AllowOverride AuthConfig Limit
    Options Indexes FollowSymLinks Includes
    Order deny,allow
    Allow from all
</DirectoryMatch>

AccessFileName .htaccess
###############################

OK, so here's the .htaccess file located in
/opt/apache/htdocs/org/testme/

###############################
Order deny,allow
Deny from all
Deny from 141.121.49.4
Allow from 121.141.48.22
###############################

My workstation's IP is 141.121.49.4, and I am not using a proxy; the access
log shows this IP as reading the page and getting a '200' return code:

141.121.49.4 - - [07/Mar/2002:11:36:10 -0800] "GET /org/testme/ HTTP/1.0" 200 730

And the server allows me to view this directory :-(

I've tested the .htaccess functionality:
 - bad grammar is detected and generates a 500 error
 - adding "AuthType/require" options perform as expected (I know this is a
       different module also)
 - changing the "Order" to 'allow,deny' has no effect
 - changing the "Deny from" entries to hostnames, domain names, and 
       partial domain names has no effect.

What am I missing!?!?!?

Thanks,

hugh

-- 
 Hugh Williams                  "Rome did not create a great empire by
 hugh_williams@agilent.com       having meetings...they did it by
 Agilent Technologies            killing all those who opposed them."
 Santa Rosa 2LS-R
 (707)-577-4941		

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org