You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Apolinaras \"Apollo\" Sinkevicius" <ap...@yahoo.com> on 2002/04/01 21:03:49 UTC
I need help with access configuration by host and by IP for my
mirror server I host...
I need help.
I host couple of big files on my server which are pretty darn popular. The
main file I am mirroring is a MYSQL database management tool for Windows
and so far I get about 10 gigs worth of traffic from that file, which is a
but too much for me. So it is hoging my bandwidth, but I do not want to
drop mirroring them. I have agreed with the author that I will provide
access to those files only to select countries... Here is the stuff I need
to do, but I don't know how.
1. I would like to only allow poeple from USA, UK, Germany, Canada access
those file on my Apache. How can I achieve that? Something like Allow
directive . What I have now does not seem to work.
<Directory "/mysql">
deny from all
allow from .com
allow from .ca
allow from .net
allow from .org
allow from .de
allow from .uk
</Directory>
2. I would like to block access from any unresolved host users (the ones
who's IP can not be resolved into a host). How can that be done for just
one directory? Is there a place I can download list of IP blocks for
mentioned countries and do allow function for those blocks?
Your help is greatly appreciated.
Apollo
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: I need help with access configuration by host and by IP for my
mirror server I host...
Posted by Joshua Slive <jo...@slive.ca>.
On Mon, 1 Apr 2002, Apolinaras "Apollo" Sinkevicius wrote:
> 1. I would like to only allow poeple from USA, UK, Germany, Canada access
> those file on my Apache. How can I achieve that? Something like Allow
> directive . What I have now does not seem to work.
What you want isn't possible in any real sense. People from ".com"
addresses can come from all over the world, and conversely, people from
the USA may be using many different top-level-domains other than
com/net/org. People who want to do this in a serious way look at who owns
the IP address in question, but even that technique is full of holes.
> <Directory "/mysql">
Do you really have a directory "mysql" in your filesystem root? I suspect
this should be <Directory /usr/local/apache/htdocs/mysql> or something
similar.
Also, you probably want to have
Order deny,allow
> deny from all
> allow from .com
> allow from .ca
> allow from .net
> allow from .org
> allow from .de
> allow from .uk
> </Directory>
>
> 2. I would like to block access from any unresolved host users (the ones
> who's IP can not be resolved into a host). How can that be done for just
> one directory?
The configuration you have above should block unresolved domain names. If
you want to do it without a "deny from all/allow from ...", you can use
mod_rewrite.
> Is there a place I can download list of IP blocks for
> mentioned countries and do allow function for those blocks?
Not that I know of.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org