PHWinfo - Afficher un message - Apache1.3.xx endless deny-list

03/05/2005, 19h40

On 2 May 2005 11:57:02 GMT, in comp.infosystems.www.servers.unix,
jens.vieler@fernuni-hagen.de (Jens Vieler) wrote:

>hi list,
>
>i have to build up very big IP-deny-list for n directories, where
>each list is the same. so what am i searching for is something like
>
>#define mylist a.mycompany.com b.mycompany.com c.mycompany.com
><Directory "/anywhere">
> Order Allow,Deny
> Allow from mycompany.com
> Deny from $mylist
> AuthName "FernUni Intern"
> AuthType Basic
></Directory>
>
>or should i use
>
><Directory "/anywhere">
> Order Allow,Deny
> Allow from mycompany.com
> Include mydenylist.conf
> AuthName "FernUni Intern"
> AuthType Basic
></Directory>
>
>with a one-line mydenylist.conf
>
>Deny a.mycompany.com b.mycompany.com c.mycompany.com
>
>in it? any is welcome

In Apache 2, I was able to create a deny_acccess.include file of "deny
from ..." lines and use:
<Directory "/anywhere">
Order Allow,Deny
Allow from mycompany.com
Include deny_access.include
AuthName "FernUni Intern"
AuthType Basic
</Directory "/anywhere">

Unfortunately, the above does NOT work in Apache 1 (at least it didn't
the last time I tried it). In Apache 1, I've ended up creating a
deny_access.include that has the <Directory>...</Directory> config
info and the list of denied IPs exists in each Directory section.
This is a pain.

If you come up with a better mechanism, please let me know.

HTH,
Jim

03/05/2005, 19h40	#2
Jim Hayter Messages: n/a Hébergeur:	Re: Apache1.3.xx endless deny-list - howto? On 2 May 2005 11:57:02 GMT, in comp.infosystems.www.servers.unix, jens.vieler@fernuni-hagen.de (Jens Vieler) wrote: >hi list, > >i have to build up very big IP-deny-list for n directories, where >each list is the same. so what am i searching for is something like > >#define mylist a.mycompany.com b.mycompany.com c.mycompany.com ><Directory "/anywhere"> > Order Allow,Deny > Allow from mycompany.com > Deny from $mylist > AuthName "FernUni Intern" > AuthType Basic ></Directory> > >or should i use > ><Directory "/anywhere"> > Order Allow,Deny > Allow from mycompany.com > Include mydenylist.conf > AuthName "FernUni Intern" > AuthType Basic ></Directory> > >with a one-line mydenylist.conf > >Deny a.mycompany.com b.mycompany.com c.mycompany.com > >in it? any is welcome In Apache 2, I was able to create a deny_acccess.include file of "deny from ..." lines and use: <Directory "/anywhere"> Order Allow,Deny Allow from mycompany.com Include deny_access.include AuthName "FernUni Intern" AuthType Basic </Directory "/anywhere"> Unfortunately, the above does NOT work in Apache 1 (at least it didn't the last time I tried it). In Apache 1, I've ended up creating a deny_access.include that has the <Directory>...</Directory> config info and the list of denied IPs exists in each Directory section. This is a pain. If you come up with a better mechanism, please let me know. HTH, Jim