Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

w2ksp4.exe, WwwxxXdbf, procmail "FROM_MAILER" patch, Use of assignment to $[ is deprecated at /usr/local/sbin/apxs line 86. , wwwxxx vim, mysql closing table and opening table, 800c5000, setgid operation not permitted, pciehp: acpi_pciehprm on IBM, WWWXXX.DBF

Links

XODOX
Impressum

#1: Disable public access

Posted on 2008-04-04 19:39:51 by howa

I have setup an Apache using default httpd.conf, however, I only want
to access the server via localhost, so I modified,


<Directory />

AllowOverride None
Order deny,allow
Deny from all
Satisfy all

</Directory>

<Directory "/var/www/html">

Options Indexes FollowSymLinks
AllowOverride None
Order Deny,Allow
Deny from all
Allow from 127.0.0.1

</Directory>

However, I found that I still can access the server from Internet, any
points I missed?

Thanks.

Report this message

#2: Re: Disable public access

Posted on 2008-04-05 07:40:09 by spam

"howa" <howachen@gmail.com> wrote in message
news:4c8b1d51-5bb9-435c-9c48-dea6ce2f486b@q10g2000prf.google groups.com...
> I have setup an Apache using default httpd.conf, however, I only want
> to access the server via localhost, so I modified,
>
> <Directory />
> AllowOverride None
> Order deny,allow
> Deny from all
> Satisfy all
> </Directory>
>
> <Directory "/var/www/html">
> Options Indexes FollowSymLinks
> AllowOverride None
> Order Deny,Allow
> Deny from all
> Allow from 127.0.0.1
> </Directory>
>
> However, I found that I still can access the server from Internet, any
> points I missed?

What you have done does not shut off access but instead causes pages to be
served as "403" errors, except for 127.0.0.1. You need to use/modify the
LISTEN directive if you don't want apache to respond to other addresses.
Also, where's your firewall?

Secondly: The "satisfy all" and second "order deny,allow" statements are
not necessary based on this snippet. Satisfy might be needed if you have
other resources defined. Also note that you're allowing only on the IPv4
localhost and not the IPv6 localhost.

Report this message