Hi,
I have setup a webserver on CentOS 4.5 with NameVirtualHost. Two VirtualHost should be reachable by port 80 from outside, while the third (default) should be only reachable by https from outside but by http from inside. Since all share the same IP firewalling seems to be out of question. So is there a way to restrict that in Apache config?
regards, Andreas
Andreas Kuntzagk wrote:
Hi,
I have setup a webserver on CentOS 4.5 with NameVirtualHost. Two VirtualHost should be reachable by port 80 from outside, while the third (default) should be only reachable by https from outside but by http from inside. Since all share the same IP firewalling seems to be out of question. So is there a way to restrict that in Apache config?
use the allow/deny directives
Order Allow,Deny Allow from internal/subnet
inside the third http section.
That will force those on the outside to use https or see an error. Or maybe, just redirect them to https with RedirectMatch whether from internal or external ips.
regards, Andreas _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Friday 23 November 2007 09:36:48 Andreas Kuntzagk napisaĆ(a):
Hi,
I have setup a webserver on CentOS 4.5 with NameVirtualHost. Two VirtualHost should be reachable by port 80 from outside, while the third (default) should be only reachable by https from outside but by http from inside. Since all share the same IP firewalling seems to be out of question. So is there a way to restrict that in Apache config?
http://httpd.apache.org/docs/2.0/mod/mod_access.html
Regards,
Thanks for your advice. I was already aware of Allow/Deny. What I didn't know was that I could put <Directory> inside <VirtualHost>. Quite basic but I don't configure apache so often.
Andreas
Andreas Kuntzagk wrote:
Hi,
I have setup a webserver on CentOS 4.5 with NameVirtualHost. Two VirtualHost should be reachable by port 80 from outside, while the third (default) should be only reachable by https from outside but by http from inside. Since all share the same IP firewalling seems to be out of question. So is there a way to restrict that in Apache config?
regards, Andreas
Configure your virtualhosts
a "SSLRequireSSL" directive would force it to be https only. When using http, it would give "Permission denied". Or a mod_rewrite.
Or you could also configure your http virtualhosts in httpd.conf, while configuring your https VH in ssl.conf.
Ugo
-
Andreas Kuntzagk -
Christopher Chan -
Tomasz 'Zen' Napierala -
Ugo Bellavance