Using a .htaccess to only allow certain IP addresses through

M

mickeyk

Registered
Hi,

I've tried several different .htacces file and these are the results I am getting:

Order Deny,Allow
Deny from all
Allow from x.x.x.x

Denies everyone.

Order Deny,Allow
Allow from all
Deny from x.x.x.x

Allows every one.

Almost like it doesn't recognize the IP Address. This is an internal website and all of our machines have their IP Addresses hard coded.

Apachectl configtest returns this:

Processing config directory: /etc/httpd/sites/*.conf
Processing config file: /etc/httpd/sites/mysite.conf
Processing config file: /etc/httpd/sites/virtual_host_global.conf
[Fri Feb 17 08:25:46 2006] [alert] httpd: Could not determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
Syntax OK

This is what my erro_log looks like:

Processing config directory: /etc/httpd/sites/*.conf
Processing config file: /etc/httpd/sites/mysite.conf
Processing config file: /etc/httpd/sites/virtual_host_global.conf
[Fri Feb 17 05:31:41 2006] [alert] httpd: Could not determine the server's ful$
[Fri Feb 17 05:31:44 2006] [notice] Apache/1.3.33 (Darwin) mod_ssl/2.8.24 Open$
[Fri Feb 17 05:31:44 2006] [notice] Accept mutex: flock (Default: flock)

Thanks for your help

Mickey
 
I've been pulling my hair out with this same problem.
I seemed to have solved it though. After searching a few boards for answers, here's what I've found:

1. Normal Apache Allow directives don't work. Due to the port swap REMOTE_ADDR always has the ip address of the server instead of the ip address of the user. The server returning the ip is the proxy server.


2. Turn off the performance cache in Server Admin -> Web -> Settings -> Sites -> Options

This acts as a proxy server in front of Apache to improve performance of certain files. However, one side effect is that Apache sees the IP address of the proxy server not the IP address of the user.

Performance cache or remote IP addresses. Pick one. You can't have both :)

In most cases, turning off the performance cache is what most people opt for. The performance gains are usually modest.

3. If you are hosting multiple sites, go to Server Admin and turn off performance caching on ALL of them. Turns out that if any sites are set to use it, then they all will!

Solved for me. Now I restrict access to a couple of directories to only on campus clients (UCSC). No one off campus can access.

Hope this helps
 
You must log in or register to reply here.
Back
Top