|
| PORTAIL | ANNUAIRE | ARTICLES | COMPARATEUR HÉBERGEURS | DEVIS | FORUMS | RÉDUCTEUR D'URL |
|
|
|
|
||||||
| comp.info.servers.unix Web servers for UNIX platforms. |
 |
|
|
LinkBack | Outils de la discussion |
02/05/2005, 12h57
|
#1 |
Messages: n/a
Hébergeur: |
Apache1.3.xx endless deny-list - howto?
hi list,
i have to build up very big IP-deny-list for n directories, where each list is the same. so what am i searching for is something like #define mylist a.mycompany.com b.mycompany.com c.mycompany.com <Directory "/anywhere"> Order Allow,Deny Allow from mycompany.com Deny from $mylist AuthName "FernUni Intern" AuthType Basic </Directory> or should i use <Directory "/anywhere"> Order Allow,Deny Allow from mycompany.com Include mydenylist.conf AuthName "FernUni Intern" AuthType Basic </Directory> with a one-line mydenylist.conf Deny a.mycompany.com b.mycompany.com c.mycompany.com in it? any is welcome  jens |
|
|
03/05/2005, 18h40
|
#2 |
|
Messages: n/a
Hébergeur: |
Re: Apache1.3.xx endless deny-list - howto?
On 2 May 2005 11:57:02 GMT, in comp.infosystems.www.servers.unix,
jens.vieler@fernuni-hagen.de (Jens Vieler) wrote: >hi list, > >i have to build up very big IP-deny-list for n directories, where >each list is the same. so what am i searching for is something like > >#define mylist a.mycompany.com b.mycompany.com c.mycompany.com ><Directory "/anywhere"> > Order Allow,Deny > Allow from mycompany.com > Deny from $mylist > AuthName "FernUni Intern" > AuthType Basic ></Directory> > >or should i use > ><Directory "/anywhere"> > Order Allow,Deny > Allow from mycompany.com > Include mydenylist.conf > AuthName "FernUni Intern" > AuthType Basic ></Directory> > >with a one-line mydenylist.conf > >Deny a.mycompany.com b.mycompany.com c.mycompany.com > >in it? any is welcome In Apache 2, I was able to create a deny_acccess.include file of "deny from ..." lines and use: <Directory "/anywhere"> Order Allow,Deny Allow from mycompany.com Include deny_access.include AuthName "FernUni Intern" AuthType Basic </Directory "/anywhere"> Unfortunately, the above does NOT work in Apache 1 (at least it didn't the last time I tried it). In Apache 1, I've ended up creating a deny_access.include that has the <Directory>...</Directory> config info and the list of denied IPs exists in each Directory section. This is a pain. If you come up with a better mechanism, please let me know. HTH, Jim |
|
|
|
04/05/2005, 07h47
|
#3 |
|
Messages: n/a
Hébergeur: |
Re: Apache1.3.xx endless deny-list - howto?
hi jim,
thank you, but i had to solve it for 1.3.x. so what i found is a combination with SetEnvIf and Remote_Addr and it looks like this: in the general settings i build up a list of SetEnvIf Remote_Addr "a.b.c." no_office SetEnvIf Remote_Addr "a.b.d." no_office and later in the <directory>-part i use Allow from a.b. Deny from env=no_office that works fine! :-) regards jens |
|
|
|
04/05/2005, 14h53
|
#4 |
|
Messages: n/a
Hébergeur: |
Re: Apache1.3.xx endless deny-list - howto?
On 4 May 2005 06:47:11 GMT, in comp.infosystems.www.servers.unix,
jens.vieler@fernuni-hagen.de (Jens Vieler) wrote: >hi jim, > >thank you, but i had to solve it for 1.3.x. so what i found >is a combination with SetEnvIf and Remote_Addr and it looks >like this: > >in the general settings i build up a list of > > SetEnvIf Remote_Addr "a.b.c." no_office > SetEnvIf Remote_Addr "a.b.d." no_office > >and later in the <directory>-part i use > > Allow from a.b. > Deny from env=no_office > >that works fine! :-) >regards > jens Hi Jens, Thanks for the above. It is certainly simpler than what I've been using. Jim |
|
|
|
| Outils de la discussion | |
|
|
