LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
Reload this Page Quick way to restrict access to Apache HTTPD
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices


Reply
  Search this Thread
Old 09-27-2006, 01:45 PM   #1
introuble
Member
 
Registered: Apr 2004
Distribution: Debian -unstable
Posts: 700

Rep: Reputation: 31
Quick way to restrict access to Apache HTTPD

I'm running Apache HTTPD v1.3 and I would like that only localhost, ip1 and ip2 can be able to access it. I've tried something like:

Code:
ALL: localhost: allow
ALL: ip1: allow
ALL: ip2: allow
ALL: ALL: deny
in /etc/hosts.allow but it doesn't seem to have any effect. Any suggestions?
 
Old 09-27-2006, 02:06 PM   #2
Dutch Master
Senior Member
 
Registered: Dec 2005
Posts: 1,686

Rep: Reputation: 124Reputation: 124
Put
Code:
ALL: LOCAL
ALL: <ip-adress-1>
ALL: <ip-adress-2>
in /etc/hosts.allow and
Code:
ALL: PARANOID
in /etc/hosts.deny. Keep in mind that hosts.allow is processed *before* hosts.deny.

One more thing: consider changing to Apache 2, as 1.3 is getting older and thus more vulnerable.
Last edited by Dutch Master; 09-27-2006 at 02:09 PM.
 
Old 09-28-2006, 11:33 AM   #3
introuble
Member
 
Registered: Apr 2004
Distribution: Debian -unstable
Posts: 700

Original Poster
Rep: Reputation: 31
Doesn't work. An empty /etc/hosts.allow and "ALL: PARANOID" or "ALL: ALL" in /etc/hosts.deny doesn't seem to have any sort of effect.
 
Old 09-29-2006, 03:15 AM   #4
mastrboy
Member
 
Registered: Aug 2005
Distribution: Debian, OpenBSD, PFsense
Posts: 73

Rep: Reputation: 15
you could configure this at apache's config file:

Eksample:
Code:
<directory />
order allow, deny
allow from 127.0.0.1
allow from 192.168.0.1
allow from 192.168.0.2
deny from all
</directory>
something like that, or you could do it in iptables http://www.linuxguruz.com/iptables/h...niptables.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How do you list enabled Apache modules without access to httpd.conf? mattie_linux Linux - Software 1 05-15-2006 10:32 PM
Restrict X server access using /etc/security/access.conf anand_kt Linux - General 0 04-22-2005 08:40 AM
How can I restrict eth1 so only access is to Apache?? Tenox Linux - Networking 1 04-11-2005 02:32 PM
Quick httpd question javamdk Slackware 3 03-20-2005 07:57 PM
httpd chokes on ScriptAlias line in Apache httpd.conf lhoff Linux - Software 1 07-14-2003 10:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 08:49 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration