logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Apache access control problem
Author
simopal6



Joined: 07 Mar 2007
Posts: 6

PostPosted: Wed 07 Mar '07 18:33    Post subject: Apache access control problem Reply with quote

Hello to everyone!
I've got a problem with restricting access to my computer's apache server. I use apache on my laptop because i'm a php programmer, and recently i have joined a lan network, so i would like to avoid people from being able to access my html,php,etc. files.
What i want to do isn't simply allowing just my computer to enter the website (i've done it easily with Allow from 127.0.0.1 on document root directory), but i want, more or less, this:
Code:
-- http://192.168.0.100 (my pc) accessed by localhost
INDEX OF /
- dir1
- dir2
- dir3
- file1.htm
- file2.php
- public_dir

Code:
-- http://192.168.0.100 (my pc) accessed by other computers on my network
INDEX OF /
- public_dir

In other words, i want everything on my site ,except a public directory, to be accessible only by localhost.
In order to do this, i have to:
- let document root directory be public (Allow from all), because otherwise they can't access /;
- let public_dir be visible and accessible from everyone;
- hide all other files and directories to anyone, except for me.

This is how i meant to do it:
Code:
<Directory />
Order allow,deny
Deny from all
</Directory>

<Directory /home/httpd> <-- document root
Order deny,allow
Allow from all
</Directory>

<DirectoryMatch "all dirs in document root">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</DirectoryMatch>

<FilesMatch "every file except those in in public_dir">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>

<Directory /home/httpd/public_dir>
Order deny,allow
Allow from all
</Directory>


First of all, is this structure correct? And, what regular expressions should i use??
Thank you!
Back to top
VoodooMill



Joined: 11 Jan 2007
Posts: 60

PostPosted: Wed 07 Mar '07 19:55    Post subject: Reply with quote

I would suggest setting up a couple VirtualHosts. One for localhost and another for the public site (accessible by your machine name/IP addess). Then set the DocumentRoot of the public site as your public_dir folder.

This will give you the access protection you desire without constant access configuration every time you create a new folder in the document root of your web server.
Back to top
simopal6



Joined: 07 Mar 2007
Posts: 6

PostPosted: Wed 07 Mar '07 20:05    Post subject: Reply with quote

I hadn't thought of that..! I'm going to study virtual hosts in details..Thank you very much..!
Back to top


Reply to topic   Topic: Apache access control problem View previous topic :: View next topic
Post new topic   Forum Index -> Apache