[plug] Apache Access
Lyndon Kroker
ljkroker at netvigator.com
Wed Sep 11 18:32:15 WST 2002
Here is the section of my httpd.conf that deals with the access issues. Some
of the ipaddresses and directory names have been changed but the rest is as
per my .conf file.
I wonder if the "default" access is being over-ridden by my "special access
directives"? During most of the testing I have been logging in under my
webteam id. Nonetheless, I would still want to block web team members who
log in from a banned domain.
Regards,
Lyndon
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory /var/www/html>
#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options Indexes FollowSymLinks
#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order Allow,Deny
Allow from all
Deny from 11.22.33.44
</Directory>
# ========================================================================
# begining of special access control directives
# ========================================================================
#
# This section was added by Lyndon. This is the area where we control
# access to the different areas of our server. After this file had been
# edited, the server (httpd) must be restarted in order for the new
# changes to take effect.
#
# The following directive restricts access to the "wtadmin" directory in
# the "Web Group" area.
# Added by Lyndon on 13-Jun-2002.
#
<Directory /var/www/html/webteam/wtadmin>
AuthDBUserFile /var/www/access/user_db
AuthName "Web Team Area"
AuthType Basic
require user 12345 23456 34567
</Directory>
#
# The following directive restricts access to the "Web Team" area.
# Added by Lyndon on 8-Dec-2001.
#
<Directory /var/www/html/webteam>
AuthDBUserFile /var/www/access/user_db
AuthDBGroupFile /var/www/access/group_db
AuthName "Web Team Area"
AuthType Basic
require group webteam
</Directory>
#
# The following directive restricts access to the "Staff" area.
# Added by Lyndon on 16-Dec-2001.
#
<Directory /var/www/html/staff>
AuthDBUserFile /var/www/access/user_db
AuthDBGroupFile /var/www/access/group_db
AuthName "Staff Area"
AuthType Basic
require group webteam staff
</Directory>
#
# The following directive restricts access to the "Member's" area.
# Added by Lyndon on 8-Dec-2001.
#
<Directory /var/www/html/mem>
AuthDBUserFile /var/www/access/user_db
AuthDBGroupFile /var/www/access/group_db
AuthName "Member's Area"
AuthType Basic
require group webteam member staff
</Directory>
#
# The following directive restricts access to the "CPRUNE" area.
# Added by Lyndon on 10-Dec-2001.
#
<Directory /var/www/cgi-bin/yabb>
AuthDBUserFile /var/www/access/user_db
AuthDBGroupFile /var/www/access/cprune_db
AuthName "Member's Area"
AuthType Basic
require group cprune
</Directory>
#
#
# ========================================================================
# end of special access control directives
# ========================================================================
More information about the plug
mailing list