Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: IP restriction for Location doesn't work |
|
| Author |
|
Qmpeltaty
Joined: 06 Feb 2008
Posts: 182
Location: Poland
|
 Posted: Thu 11 Oct '12 11:40 Post subject: IP restriction for Location doesn't work |
 |
|
Hello
I had a problem that ip restrictions inside location didn't work. Config :
| Code: | <Location /jkstatus>
JkMount status
Require ip 127.0.0.1
Require ip my_remote_netowrk_1/29
Require ip my_remote_netowrk_2/29
AuthType digest
AuthBasicAuthoritative Off
AuthName "jkstatus"
AuthDigestProvider file
AuthUserFile "C:/Apache2.4.3-x64/passwd/digest"
AuthDigestAlgorithm MD5
Require valid-user
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</Location> |
In that case all IPs were allowed - just propted for login and password.
When i removed login/password part from location, IP restriction has start to work.
| Code: | <Location /jkstatus>
JkMount status
Require ip 127.0.0.1
Require ip my_remote_netowrk_1/29
Require ip my_remote_netowrk_2/29
#AuthType digest
#AuthBasicAuthoritative Off
#AuthName "jkstatus"
#AuthDigestProvider file
#AuthUserFile "C:/Apache2.4.3-x64/passwd/digest"
#AuthDigestAlgorithm MD5
#Require valid-user
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</Location> |
What is wrong ? I would like to restrict access to this location for some IPs only and secure this area by password as well - even for allowed IPs. |
|
| Back to top |
|
VoodooMill
Joined: 11 Jan 2007
Posts: 60
|
| Posted: Thu 11 Oct '12 16:23 Post subject: |
|
|
Hi Qm,
Try adding Satisfy All to the end of the directive. |
|
| Back to top |
|
Qmpeltaty
Joined: 06 Feb 2008
Posts: 182
Location: Poland
|
| Posted: Thu 11 Oct '12 16:34 Post subject: |
|
|
| VoodooMill wrote: | Hi Qm,
Try adding Satisfy All to the end of the directive. |
I had tried it - still doesn't work.
I though that Order directive has been deprecated in 2.4 Apache and replaced by Require based on that http://httpd.apache.org/docs/2.4/upgrading.html
It seems that Order directive has not been replaced as my config below works as expected :
| Code: | <Location /jkstatus>
JkMount status
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from my_network1/29
Allow from my_network2/29
AuthType digest
AuthBasicAuthoritative Off
AuthName "jkstatus"
AuthDigestProvider file
AuthUserFile "C:/Apache2.4.3-x64/passwd/digest"
AuthDigestAlgorithm MD5
Require valid-user
Satisfy All
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</Location> |
Now any other IPs than allowed are automatically rejected, and allowed IPs are requested for login and password.
Problem is now solved as i got what i need, the question is what is wrong with that info http://httpd.apache.org/docs/2.4/upgrading.html ?
In the following example, all hosts in the example.org domain are allowed access; all other hosts are denied access.
2.2 configuration:
Order Deny,Allow
Deny from all
Allow from example.org
2.4 configuration:
Require host example.org
Last edited by Qmpeltaty on Fri 12 Oct '12 15:04; edited 1 time in total |
|
| Back to top |
|
Qmpeltaty
Joined: 06 Feb 2008
Posts: 182
Location: Poland
|
| Posted: Thu 11 Oct '12 16:34 Post subject: |
|
|
| Any ideas ? |
|
| Back to top |
|
|
|
|
|
|
