You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Arun kumar R <ra...@yahoo.com> on 2002/12/29 07:03:24 UTC
[users@httpd] .htaccess file
Hi,
I want to block some of the ip's to access my website,
so i have created a .htaccess file as
<Limit GET>
order deny, allow
deny from xx.xx.xx.xxx
allow from all
</Limit>
in the root directory, but still those ip's are
accessing my web site. When i checked the httpd.conf
my settings for
AllowOverride is "None". If i change it to "All" then
even i am not able to access the site.
I am not very clear with the AllowOverride options,
can anyone help me to define the correct settings to
block those ip's.
Regards
Arun
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] .htaccess file
Posted by Remo Mattei <re...@italy1.com>.
You need allowoverride in order to use .htaccess
You may want to inverse the option in order and give it a shot. Let me know
otherwise I will send you mine.
Remo
> From: Arun kumar R <ra...@yahoo.com>
> Reply-To: users@httpd.apache.org
> Date: Sat, 28 Dec 2002 22:03:24 -0800 (PST)
> To: users@httpd.apache.org
> Subject: [users@httpd] .htaccess file
>
> Hi,
> I want to block some of the ip's to access my website,
> so i have created a .htaccess file as
> <Limit GET>
> order deny, allow
> deny from xx.xx.xx.xxx
> allow from all
> </Limit>
>
> in the root directory, but still those ip's are
> accessing my web site. When i checked the httpd.conf
> my settings for
>
> AllowOverride is "None". If i change it to "All" then
> even i am not able to access the site.
>
> I am not very clear with the AllowOverride options,
> can anyone help me to define the correct settings to
> block those ip's.
>
> Regards
> Arun
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Restricting pages based on ip's
Posted by Jeff Cohen <ap...@gej-it.com>.
Yes it is.
Can you change the IPs on your network to make it easier to do so with the
Apache?
You can restrict whole network in apache or individual IPs, I would suggest
you to make one unique segment to those who will be allowed and allow them
on the server, then deny the rest.
The directive for the whole network is:
<Directory "/">
Order deny,allow
Deny from all
Allow from 192.168.0.0/24
</Directory>
For individual set of IPs do:
<Directory "/">
Order deny,allow
Deny from all
Allow from 192.168.0.1/32 192.168.0.10/32
</Directory>
All the best,
Jeff Cohen
> -----Original Message-----
> From: Arun kumar R [mailto:rajapandy@yahoo.com]
> Sent: Thursday, January 16, 2003 7:56 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] Restricting pages based on ip's
>
> I am having one intranet webserver for local
> browsing.some important
> information needs security.
> i want to restrict some of the pages to some ips only.
> is it possible to do so.
> ver 8 linux.
>
>
> Regards
> Arun
>
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Restricting pages based on ip's
Posted by Arun kumar R <ra...@yahoo.com>.
I am having one intranet webserver for local
browsing.some important
information needs security.
i want to restrict some of the pages to some ips only.
is it possible to do so.
ver 8 linux.
Regards
Arun
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] restricting save picture as option
Posted by Chris Meadors <cl...@hereintown.net>.
Arun kumar R wrote:
> Is there is a way to restrict the web users from right
> clicking the mouse and select the "save picture as"
> option through configuration file.
If your webserver is serving the file it can be saved.
--
Chris
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] restricting save picture as option
Posted by Remo Mattei <re...@italy1.com>.
There is a javascript but people can still copy the picture with printscreen
:)
Remo
> From: Arun kumar R <ra...@yahoo.com>
> Reply-To: users@httpd.apache.org
> Date: Tue, 7 Jan 2003 22:44:24 -0800 (PST)
> To: users@httpd.apache.org
> Subject: [users@httpd] restricting save picture as option
>
> Is there is a way to restrict the web users from right
> clicking the mouse and select the "save picture as"
> option through configuration file.
>
> Regards
> Arun
>
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] restricting save picture as option
Posted by Arun kumar R <ra...@yahoo.com>.
Is there is a way to restrict the web users from right
clicking the mouse and select the "save picture as"
option through configuration file.
Regards
Arun
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] .htaccess file
Posted by Rich Bowen <rb...@rcbowen.com>.
On Sat, 28 Dec 2002, Arun kumar R wrote:
> Hi,
> I want to block some of the ip's to access my website,
> so i have created a .htaccess file as
> <Limit GET>
> order deny, allow
> deny from xx.xx.xx.xxx
> allow from all
> </Limit>
>
> in the root directory, but still those ip's are
> accessing my web site. When i checked the httpd.conf
> my settings for
>
> AllowOverride is "None". If i change it to "All" then
> even i am not able to access the site.
>
> I am not very clear with the AllowOverride options,
> can anyone help me to define the correct settings to
> block those ip's.
Several things here.
First of all, .htaccess files are primarily for people that don't have
access to the main configuration file. Since you clearly do have access
to the main config file, you should put your configuration there, rather
than in a .htaccess file. Putting a .htaccess file in a directory
/www/docs/something is exactly equivalent (so far as the resultant
configuration) as putting the contents of that .htaccess file into a
<Directory> section thus:
<Directory /www/docs/something>
# Contents of .htaccess file go here
</Directory>
(This goes in your httpd.conf)
However, .htaccess files cause a substantial performance degradation,
and may be a security concern, depending on how your site is managed.
Second, the contents of your .htaccess file, listed above, contain a
common typo.
That should be
order deny,allow
rather than
order deny, allow
Notice the space in your version, which is missing from the correct
version. You are probably being denied access because the .htaccess file
was causing a server error, rather than because of your IP address.
Third, note that you are only blocking GET accesses, but other accesses,
such as POST, HEAD, DELETE, CONNECT, and so on, are still permitted.
Drop the <Limit> and </Limit> lines, if you really want to lock out
those addresses.
And, finally, a note about AllowOverride. AllowOverride None means
"please ignore all of my .htaccess files." If you want to use .htaccess
files, you should use an AllowOverride setting that is correct, rather
than giving a blanket AllowOverride All. AllowOverride All allows things
that you probably don't want to allow - in particular, it allows
Options, which lets people do stuff like "Options +FollowSymlinks" and
"Options ExecCGI" in places where you would rather they did not do those
things. In your case, if you really decide you want this to be in a
.htaccess file, you would only need "AllowOverride Limit".
Hope this helped.
--
Pilgrim, how you journey on the road you chose
To find out where the winds die and where the stories go
--Pilgrim (Enya - A Day Without Rain)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org