PDA

View Full Version : limit apache listening

matej
17th July 2009, 09:42
Is it possible to limit some site that it will be accessible from just some ip (submask)?

Thanks for answer
Mark_NL
17th July 2009, 11:24
- You can put an .htaccess file in the document root of the designated website
- You can add Allow / Deny rules in your VirtualHost declaration

fmi: http://www.freewebmasterhelp.com/tutorials/htaccess/
(i think you'll find your information on page 2 of that how-to)
matej
17th July 2009, 11:46
.htaccess is not OK.
Where should I add allow/deny rules in virtualhost declaration? Is it possible through ispconfig?

Thanks for answer.
Mark_NL
17th July 2009, 11:57
You can do that in the "Apache Directives" text area when you look at a site's preferences, put something in it like this:

<Directory /var/www/yourwebsite>
Order deny,allow
Deny from all
Allow from 192.168.1.2
Allow from 10.10.0.
</Directory>

This will only allow access from 192.168.1.2 and all machines in the 10.10.0.0/24 range
matej
17th July 2009, 12:09
Thanks for answer. I've done it... but site is still accessible from all ip-s. Should I enable some apache module?
Must directory point to /var/www/yourwebsite or /var/www/yourwebsite/web?
Mark_NL
17th July 2009, 12:23
Thanks for answer. I've done it... but site is still accessible from all ip-s. Should I enable some apache module?
Must directory point to /var/www/yourwebsite or /var/www/yourwebsite/web?

Ah yes you're using ISPConfig .. then you should point it to:
/var/www/yourwebsite/web

Can you show me the piece of code you've added in the Apache Directive field?
matej
17th July 2009, 12:32
<Directory /var/www/html/internal.domain.net/web>
Order deny,allow
Deny from all
Allow from 84.255.228.90
</Directory>

As I understand this shuld limit access tho this virtual host just from specified IP address.
Mark_NL
17th July 2009, 13:08
<Directory /var/www/html/internal.domain.net/web>
AllowOverride Limit
Order deny,allow
Deny from all
Allow from 84.255.228.90
</Directory>

As I understand this shuld limit access tho this virtual host just from specified IP address.

i forgot allowoverride, sry :)
matej
17th July 2009, 16:21
Thanks. But still same. A can access to website from all other's IP. Is it possible that I have some problem with my apache configuraton?
falko
18th July 2009, 11:42
Did you restart Apache? Any errors in Apache's error log?
matej
20th July 2009, 08:24
Yes, I've restarted apache. I've also checked that - what am I wrote in ispconfig is in Vhost_ispconfig.conf file... and restart of apache went ok without any errors.
Is it possible that I don't have apache correctly configured (some missing module) or any other idea..