[CentOS] OT - httpd/conf.d include questions - allowing only some addresses

Tue Oct 7 13:33:08 UTC 2014
Robert Moskowitz <rgm at htt-consult.com>

One example says to reverse the order to 'deny,allow' if you are denying 
all and allowing a range of addresses (reading too many manuals and 
explainations).  That did fix the problem for a specific directory 
access, but not for the 'global' one.

On 10/07/2014 09:06 AM, Robert Moskowitz wrote:
> My web searching is not finding out the answers to this, so I turn to 
> you all here.
>
> I am trying to NOT modify my httpd/conf/httpd.conf file, and only make 
> changes via includes.  I have done that with a 00-init.conf where I 
> set things like servername and serveradmin.  Now I want to move my 
> allow and denies to a 01-allow.conf include.  I tried:
>
> <Directory "/var/www/html">
>     Order allow,deny
>     deny from all
> </Directory>
>
> as that seems to be what is in the default conf, but I see in the 
> error_log:
>
> [Tue Oct 07 08:51:58 2014] [error] [client 208.83.67.156] Directory 
> index forbidden by Options directive: /var/www/html/
>
> And maybe this is not the right restriction, because when I make this 
> change directly in the default httpd.conf, I still can get to the 
> default web page.
>
> Now on to the 'allow' statement.  All syntax examples I have seen for 
> it follow:
>
> allow from 1.1.1.0/24 1.1.2.0/24 2400:cb00:2048:1::/64
>
> and soforth.  That is each range separated by a space.  But 
> potentially I have 18 ranges to specify, and at least named makes it 
> easy with each range on its own line ending with a ';'.  For now I am 
> only putting 2 ranges in, but how does one set up a longer list of 
> allowed ranges?
>
> thanks
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>