logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: apache 2.4 and mod_access_compat
Author
AndreL



Joined: 23 Sep 2009
Posts: 5

PostPosted: Thu 23 Aug '12 9:25    Post subject: apache 2.4 and mod_access_compat Reply with quote

Hi,

I just migrated from apache 2.2 to 2.4.3 using the mod_access_compat module. No issue for that first step.

I have some troubles to convert the autorisation to the new format.

Old format:
<Directory "C:/Web/intranet">
Order Deny,Allow
Deny from all
Allow from 192.168.1.0/24
AuthType Basic
AuthName "Intranet"
AuthUserFile ./conf/auth.psw
Require valid-user
Satisfy Any
</Directory>

My translated format:
<Directory "C:/Web/intranet">
AuthType Basic
AuthName "Intranet"
AuthUserFile ./conf/auth.psw
Require IP 192.168.1.0/24
Require valid-user
</Directory>

The latest is not working...

NB: could I use the new way of working for some sections keeping others on the former format with mod_access_compat

Thanks for your help,
André.
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3093
Location: Hilversum, NL, EU

PostPosted: Fri 24 Aug '12 15:58    Post subject: Reply with quote

Yep, for me it is also mostly puzzling with the new require in 2.4.

In your config the requires are OR-ed.

You may want to try:

<Directory "C:/Web/intranet">
AuthType Basic
AuthName "Intranet"
AuthUserFile ./conf/auth.psw
<RequireAll>
Require IP 192.168.1.0/24
Require valid-user
</RequireAll>
</Directory>

When that is not working either, you can try:

<RequireAll>
Require all denied
Require IP 192.168.1.0/24
Require valid-user
</RequireAll>
Back to top
dreuzel



Joined: 30 Jan 2006
Posts: 16

PostPosted: Thu 04 Oct '12 9:59    Post subject: Reply with quote

It makes no sence to have an apache and not being able to secure a website with password, ip, host security.

I've installed and tried 2.4.3 just to notice all security seems to fail, Whatever I try I do notget
aany protection or a full block the site. I can not get it under controll,

What I want is basic and simple : I use DBD odbc access controll. All queries exist since ages and always where correct.
<Directory /secure>
Authtype Digest
AuthDIgestProvider dbd
require valid-user
</directory>

tried
require dbd-user
encapsuled <RequireAll>
added Satisfy all

....
I can only access based on
required ip but I need a username and group securit in my application .....


Please help me ?
Is the code broken
for such a simple requirement it should be easy and straightforward no ?

If something that simple in requirement seems to fail unexplicably can I ever rely on Apache security again ???
Back to top


Reply to topic   Topic: apache 2.4 and mod_access_compat View previous topic :: View next topic
Post new topic   Forum Index -> Apache