You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Bill Tantzen <ta...@umn.edu> on 2018/12/12 18:59:02 UTC
[users@httpd] Authorization Containers
This seems so simple, yet it doesn't work. I would like to block some
troublesome clients from accessing my website. I have streamlined it
to what I think is the simplest possible example: block clients from a
single domain.
<Directory "/var/www/httpd”>
Options Indexes FollowSymLinks
AllowOverride None
<RequireAny>
<RequireAll>
Require all granted
Require not host example.com
</RequireAll>
</RequireAny>
</Directory>
Yet, in my logs I continue to see requests from host1.example.com,
host2.example.com, etc with status codes of 200.
This is based on http://httpd.apache.org/docs/2.4/howto/access.html,
specifically the section "Access control by host"
My apache version is 2.4.6 (Red Hat Enterprise LInux)
What am I misunderstanding about this documentation?
Thanks so much for thinking about this!!
-- Bill
--
Human wheels spin round and round
While the clock keeps the pace... -- John Mellencamp
________________________________________________________________
Bill Tantzen University of Minnesota Libraries
612-626-9949 (U of M) 612-325-1777 (cell)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Authorization Containers
Posted by Bill Tantzen <ta...@umn.edu>.
Here's what works -- I think (I will have to do some additional
testing). I moved the directives from <Directory> to <Location/>.
According to the documentation, it should have worked in <Directory>,
but maybe the redirect caused problems? Anyway, the bottom line is
that I got it to work as expected. I just don't know quite why, so I
will need to do a little research there.
Thanks for looking!
Bill
On Thu, Dec 13, 2018 at 9:58 AM Bill Tantzen <ta...@umn.edu> wrote:
>
> No, that's the document root.
>
> But...
>
> In httpd.conf, <Location /> I am redirecting all traffic to https.
> The <Directory> where I have this configured is in my ssl.conf.
> Should this make a difference?
> -- Bill
> On Wed, Dec 12, 2018 at 7:37 PM Jonathon Koyle <li...@gmail.com> wrote:
> >
> > Is there a different document root defined for the site that is being accessed?
> >
> > On Wed, Dec 12, 2018 at 11:59 AM Bill Tantzen <ta...@umn.edu> wrote:
> >>
> >> This seems so simple, yet it doesn't work. I would like to block some
> >> troublesome clients from accessing my website. I have streamlined it
> >> to what I think is the simplest possible example: block clients from a
> >> single domain.
> >>
> >> <Directory "/var/www/httpd”>
> >> Options Indexes FollowSymLinks
> >> AllowOverride None
> >> <RequireAny>
> >> <RequireAll>
> >> Require all granted
> >> Require not host example.com
> >> </RequireAll>
> >> </RequireAny>
> >> </Directory>
> >>
> >> Yet, in my logs I continue to see requests from host1.example.com,
> >> host2.example.com, etc with status codes of 200.
> >>
> >> This is based on http://httpd.apache.org/docs/2.4/howto/access.html,
> >> specifically the section "Access control by host"
> >> My apache version is 2.4.6 (Red Hat Enterprise LInux)
> >>
> >> What am I misunderstanding about this documentation?
> >> Thanks so much for thinking about this!!
> >>
> >> -- Bill
> >>
> >> --
> >> Human wheels spin round and round
> >> While the clock keeps the pace... -- John Mellencamp
> >> ________________________________________________________________
> >> Bill Tantzen University of Minnesota Libraries
> >> 612-626-9949 (U of M) 612-325-1777 (cell)
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >> For additional commands, e-mail: users-help@httpd.apache.org
> >>
> >
> >
> > --
> > Jonathon Koyle
>
>
>
> --
> Human wheels spin round and round
> While the clock keeps the pace... -- John Mellencamp
> ________________________________________________________________
> Bill Tantzen University of Minnesota Libraries
> 612-626-9949 (U of M) 612-325-1777 (cell)
--
Human wheels spin round and round
While the clock keeps the pace... -- John Mellencamp
________________________________________________________________
Bill Tantzen University of Minnesota Libraries
612-626-9949 (U of M) 612-325-1777 (cell)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Authorization Containers
Posted by Bill Tantzen <ta...@umn.edu>.
No, that's the document root.
But...
In httpd.conf, <Location /> I am redirecting all traffic to https.
The <Directory> where I have this configured is in my ssl.conf.
Should this make a difference?
-- Bill
On Wed, Dec 12, 2018 at 7:37 PM Jonathon Koyle <li...@gmail.com> wrote:
>
> Is there a different document root defined for the site that is being accessed?
>
> On Wed, Dec 12, 2018 at 11:59 AM Bill Tantzen <ta...@umn.edu> wrote:
>>
>> This seems so simple, yet it doesn't work. I would like to block some
>> troublesome clients from accessing my website. I have streamlined it
>> to what I think is the simplest possible example: block clients from a
>> single domain.
>>
>> <Directory "/var/www/httpd”>
>> Options Indexes FollowSymLinks
>> AllowOverride None
>> <RequireAny>
>> <RequireAll>
>> Require all granted
>> Require not host example.com
>> </RequireAll>
>> </RequireAny>
>> </Directory>
>>
>> Yet, in my logs I continue to see requests from host1.example.com,
>> host2.example.com, etc with status codes of 200.
>>
>> This is based on http://httpd.apache.org/docs/2.4/howto/access.html,
>> specifically the section "Access control by host"
>> My apache version is 2.4.6 (Red Hat Enterprise LInux)
>>
>> What am I misunderstanding about this documentation?
>> Thanks so much for thinking about this!!
>>
>> -- Bill
>>
>> --
>> Human wheels spin round and round
>> While the clock keeps the pace... -- John Mellencamp
>> ________________________________________________________________
>> Bill Tantzen University of Minnesota Libraries
>> 612-626-9949 (U of M) 612-325-1777 (cell)
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
>
> --
> Jonathon Koyle
--
Human wheels spin round and round
While the clock keeps the pace... -- John Mellencamp
________________________________________________________________
Bill Tantzen University of Minnesota Libraries
612-626-9949 (U of M) 612-325-1777 (cell)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Authorization Containers
Posted by Jonathon Koyle <li...@gmail.com>.
Is there a different document root defined for the site that is being
accessed?
On Wed, Dec 12, 2018 at 11:59 AM Bill Tantzen <ta...@umn.edu> wrote:
> This seems so simple, yet it doesn't work. I would like to block some
> troublesome clients from accessing my website. I have streamlined it
> to what I think is the simplest possible example: block clients from a
> single domain.
>
> <Directory "/var/www/httpd”>
> Options Indexes FollowSymLinks
> AllowOverride None
> <RequireAny>
> <RequireAll>
> Require all granted
> Require not host example.com
> </RequireAll>
> </RequireAny>
> </Directory>
>
> Yet, in my logs I continue to see requests from host1.example.com,
> host2.example.com, etc with status codes of 200.
>
> This is based on http://httpd.apache.org/docs/2.4/howto/access.html,
> specifically the section "Access control by host"
> My apache version is 2.4.6 (Red Hat Enterprise LInux)
>
> What am I misunderstanding about this documentation?
> Thanks so much for thinking about this!!
>
> -- Bill
>
> --
> Human wheels spin round and round
> While the clock keeps the pace... -- John Mellencamp
> ________________________________________________________________
> Bill Tantzen University of Minnesota Libraries
> 612-626-9949 (U of M) 612-325-1777 (cell)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
--
Jonathon Koyle