Apache Lounge
Topic: Securing Apache through httpd.conf for only localhost
Author
Chinchilla2661



Joined: 16 Jan 2014
Posts: 3
Location: Austin, TX

Posted: Fri 17 Jan '14 18:42    Post subject: Securing Apache through httpd.conf for only localhost

I am trying to secure my dev server and want to configure the httpd.conf file to only accept requests from the localhost / dev machine / 127.0.0.1. I've already set Apache to listen to 127.0.0.1 but want to do a little more securing here and there.

Now, I know this can be done in the Directory section but not sure exactly how to word it. Searches throughout the forum have shown the steps when using vhosts but I would rather secure the main server and not fuss with vhosts.

I think this is the area of the httpd.conf file that needs tweaking.
Original - edited for content
Code:
<Directory "Z:/Apache/htdocs">
Options Indexes FollowSymLinks ExecCGI
AllowOverride None
Require all granted
</Directory>


This is what I think I need...
Code:
<Directory "Z:/Apache/htdocs">
Options Indexes FollowSymLinks ExecCGI
AllowOverride None
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>


Am I on the right track here?

Edit!
Forgot to say that I'm working on Apache 2.4.7 64bit picked up here from the lounge and running Windows 8.1
bagu



Joined: 06 Jan 2011
Posts: 193
Location: France

Posted: Fri 17 Jan '14 21:03    Post subject:

Hello,

Code:
Order Deny,Allow
Deny from all
Allow from 127.0.0.1


is the old way (Apache 2.2) to write:
Code:
Require local

for Apache 2.4...

Tell me if I'm wrong...
Chinchilla2661



Joined: 16 Jan 2014
Posts: 3
Location: Austin, TX

Posted: Sat 18 Jan '14 6:36    Post subject:

Okay, if I am understanding you and the Apache 2.4 documentation regarding the "require" directive, the line that currently reads
Code:
Require all granted

should be altered to read
Code:
Require ip 127.0.0.1

which should restrict access from anything but the local dev server machine?
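
The access-control variants discussed in this thread, side by side, as an added example that is not part of any poster's message. The port number and the optional IPv6 `Listen` line are assumptions; the directory path and `Options` line are the ones quoted in the first post.

```apache
# Added example (not from the thread). Port 80 is an assumption.

# Bind to loopback only, so no other interface accepts connections.
Listen 127.0.0.1:80
# Uncomment to also serve IPv6 loopback, e.g. when "localhost"
# resolves to ::1 on the dev machine.
#Listen [::1]:80

<Directory "Z:/Apache/htdocs">
    Options Indexes FollowSymLinks ExecCGI
    AllowOverride None

    # Weak (as in the original post): any client that can reach
    # the listener is authorized.
    #Require all granted

    # Apache 2.2 syntax. On 2.4 it is only understood when
    # mod_access_compat is loaded, and mixing it with Require
    # is discouraged.
    #Order Deny,Allow
    #Deny from all
    #Allow from 127.0.0.1

    # Apache 2.4 (mod_authz_host): matches 127.0.0.0/8, ::1, and
    # connections where client and server address are the same.
    Require local

    # Narrower alternative: only the listed addresses. With
    # 127.0.0.1 alone, a request arriving over ::1 is denied.
    #Require ip 127.0.0.1 ::1
</Directory>
```

Run `httpd -t` to check the syntax before restarting the service. With `Listen` bound to 127.0.0.1 only, the `Require` line acts as a second layer in case the listener is later widened.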