Article:  |
Apache Web Serving with Jaguar, Part 3 | |
| Subject: | User Directory Access | |
| Date: | 2003-04-23 13:05:55 | |
| From: | anonymous2 | |
| The Deny and Allow rule changes don't have any impact on outside access to the user site directories. | ||
Showing messages 1 through 5 of 5.
-
User Directory Access
2003-04-23 13:08:59 Kevin Hemenway [Reply | View]
Correct. Nor should they. The GatesMcFaddenCo intranet didn't like ugly ~username URLs, so they switched to Apache's DocumentRoot, which is what the Allow/Deny's are configured for. -
User Directory Access
2003-04-23 13:16:52 Kevin Hemenway [Reply | View]
In rereading your intent (instead of mine), yeah, if someone on the GatesMcFaddenCo machine launched their own user site, it'd be wide open to anyone. The fix to properly protect the entire site / machine (not just Apache's DocumentRoot) is:
<Directory /Users>
Deny from all
</Directory>
This is more in line with what the text suggests, but isn't conducive to per-user site directories. In a later part of the series, I talk about user configuration and directories (poor, poor Patti), and you'll see an example of Allow/Deny there. -
User Directory Access
2003-04-23 18:19:24 anonymous2 [Reply | View]
Thanks for the quick feedback and deft interpretation of my somewhat minimalist comment. -
User Directory Access
2003-05-06 15:45:36 anonymous2 [Reply | View]
Just a quick question;
I am trying to set up apache so it can only be acessed by people on the coporate lan - ie 10.0.0.0/8 addresses - but if I replace "gatesmcfarlene" with the ip address range above, plus include one for localhost, I cannot access apache when I am connect on the coporate lan --- no issue if I unplug ..
Have checked the documentation at apache site - but I think I'm missing something.
Can't wait for the rest of the series ..
