Is it possible to limit the webaccess to ISP-config to certain IP-numbers by putting a .htaccess file somewhere?

The goal is to achieve that everyone can access http://ww.example.com but only some ip-adresses can access https://www.example.com:81

How should I do that?

Or isn't that considered to be a security issue. I installed a few days ago the denyhosts (following the excellent tutorial), and my list of hosts.deny is allready quite long.


Thx,

Jang

You can either do that with firewallrules or with an htaccess / change in ispconfig's apache config (in httpd.conf it is about line 340)

<Directory "/home/admispconfig/ispconfig/web">

#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options FollowSymLinks MultiViews

#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride None

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>

Yust for reference, Ben is talking about this httpd.conf file :)

/root/ispconfig/httpd/conf/httpd.conf

that's right, sry ;)

Done,

thx!

Jang