Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Apache access control problem |
|
| Author |
|
simopal6
Joined: 07 Mar 2007
Posts: 6
|
 Posted: Wed 07 Mar '07 18:33 Post subject: Apache access control problem |
 |
|
Hello to everyone!
I've got a problem with restricting access to my computer's apache server. I use apache on my laptop because i'm a php programmer, and recently i have joined a lan network, so i would like to avoid people from being able to access my html,php,etc. files.
What i want to do isn't simply allowing just my computer to enter the website (i've done it easily with Allow from 127.0.0.1 on document root directory), but i want, more or less, this:
| Code: | -- http://192.168.0.100 (my pc) accessed by localhost
INDEX OF /
- dir1
- dir2
- dir3
- file1.htm
- file2.php
- public_dir |
| Code: | -- http://192.168.0.100 (my pc) accessed by other computers on my network
INDEX OF /
- public_dir |
In other words, i want everything on my site ,except a public directory, to be accessible only by localhost.
In order to do this, i have to:
- let document root directory be public (Allow from all), because otherwise they can't access /;
- let public_dir be visible and accessible from everyone;
- hide all other files and directories to anyone, except for me.
This is how i meant to do it:
| Code: | <Directory />
Order allow,deny
Deny from all
</Directory>
<Directory /home/httpd> <-- document root
Order deny,allow
Allow from all
</Directory>
<DirectoryMatch "all dirs in document root">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</DirectoryMatch>
<FilesMatch "every file except those in in public_dir">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
<Directory /home/httpd/public_dir>
Order deny,allow
Allow from all
</Directory> |
First of all, is this structure correct? And, what regular expressions should i use??
Thank you! |
|
| Back to top |
|
VoodooMill
Joined: 11 Jan 2007
Posts: 60
|
| Posted: Wed 07 Mar '07 19:55 Post subject: |
|
|
I would suggest setting up a couple VirtualHosts. One for localhost and another for the public site (accessible by your machine name/IP addess). Then set the DocumentRoot of the public site as your public_dir folder.
This will give you the access protection you desire without constant access configuration every time you create a new folder in the document root of your web server. |
|
| Back to top |
|
simopal6
Joined: 07 Mar 2007
Posts: 6
|
| Posted: Wed 07 Mar '07 20:05 Post subject: |
|
|
| I hadn't thought of that..! I'm going to study virtual hosts in details..Thank you very much..! |
|
| Back to top |
|
|
|
|
|
|
