Apache *.conf files and security


robertlouwen
2nd June 2009, 13:57
Gentlemen,

In /etc/httpd/conf/httpd.conf is this line:

include conf.d/*.conf

so out of curiosity I looked in /etc/httpd/conf.d and found, among others:


BackupPC.conf
roundcubemail.conf
webalizer.conf
In these files you can find their alias. Now when I go to http://something.org/alias I get error 401 (not authorized), error 403 (forbidden) and/or error 404 (page not found).

If I change

order deny,allow
deny from all
allow from 127.0.0.1

into this

order allow,deny
allow from all
#allow from 127.0.0.1

am I exposing my server to a security risk?

PS when I changed the code the pages showed with or without username / password prompt.

HooGLaNDeR
2nd June 2009, 17:21
By altering these lines, you make it available for the whole world. If you have no problems with it, then there's no problem.

robertlouwen
2nd June 2009, 17:59
@ Hooglander,


In the meantime I tried some other allow from lines:

allow from 192.168.0.1, my gateway, this works
allow from 192.168.0.10, a computer in my home network, does not work
allow from 192.168.0.100, my webserver, does not work
allow from 62.194.xxx.xxx, my internet IP, does not work
I would like to access these pages from every computer (at work, at friends, when on holiday).
There is no need for the world to access these pages.

id10t
2nd June 2009, 18:02
You can do it with a ssh tunnel...

robertlouwen
2nd June 2009, 18:04
ssh tunnel ????

HooGLaNDeR
2nd June 2009, 18:12
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.0.1
Allow From 192.168.0.100
Allow From 62.194.xxx.xxx


Alternatively, you can allow it to the world, but protect it with .htaccess
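
Added example, not part of any post in this thread: a small Python model of how Apache 2.2's mod_authz_host combines Order, Allow and Deny, run over the two blocks from the first post. It assumes host specs are only full IPv4 addresses, CIDR ranges or "all", and 203.0.113.7 is a constructed outside address.

```python
import ipaddress

# The two blocks from the first post, as written there.
ORIGINAL = """order deny,allow
deny from all
allow from 127.0.0.1"""
CHANGED = """order allow,deny
allow from all
#allow from 127.0.0.1"""

def parse_rules(text):
    """Collect the Order value and the Allow/Deny host lists."""
    order, rules = "deny,allow", {"allow": [], "deny": []}  # Apache 2.2 default Order
    for raw in text.splitlines():
        parts = raw.strip().lower().split()
        if len(parts) < 2 or parts[0].startswith("#"):
            continue  # blank, incomplete or commented-out line
        if parts[0] == "order":
            order = parts[1]
        elif parts[0] in rules and parts[1] == "from":
            rules[parts[0]].extend(parts[2:])
    return order, rules

def matches(specs, client):
    """True if the client address is covered by any host spec."""
    ip = ipaddress.ip_address(client)
    return any(s == "all" or ip in ipaddress.ip_network(s, strict=False)
               for s in specs)

def is_allowed(text, client):
    """Apply the Order semantics: the directive type named last wins."""
    order, rules = parse_rules(text)
    allow_hit = matches(rules["allow"], client)
    deny_hit = matches(rules["deny"], client)
    if order == "deny,allow":   # default is allow; Allow overrides Deny
        return allow_hit or not deny_hit
    if order == "allow,deny":   # default is deny; Deny overrides Allow
        return allow_hit and not deny_hit
    raise ValueError("unsupported Order value: " + order)

if __name__ == "__main__":
    # 203.0.113.7 is a constructed outside address (documentation range).
    for client in ("127.0.0.1", "192.168.0.10", "203.0.113.7"):
        print(client, "original:", is_allowed(ORIGINAL, client),
              "changed:", is_allowed(CHANGED, client))
```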