[CentOS] OT - httpd/conf.d include questions - allowing only some addresses

Tue Oct 7 16:45:43 UTC 2014
Robert Moskowitz <rgm at htt-consult.com>

On 10/07/2014 12:29 PM, m.roth at 5-cent.us wrote:
> Robert Moskowitz wrote:
>> My web searching is not finding out the answers to this, so I turn to
>> you all here.
>>
>> I am trying to NOT modify my httpd/conf/httpd.conf file, and only make
>> changes via includes.  I have done that with a 00-init.conf where I set
> Is that all in /etc/httpd/conf.d? Is there a Listen: or VittualHost
> directive?

Yes, I left off /etc/ from all places shown.

Yes, there is a Listen.  The VirtualHost config is coming as soon as I 
can build the current RoundCube.

>
>          mark
>
>> things like servername and serveradmin.  Now I want to move my allow and
>> denies to a 01-allow.conf include.  I tried:
>>
>> <Directory "/var/www/html">
>>       Order allow,deny
>>       deny from all
>> </Directory>
>>
>> as that seems to be what is in the default conf, but I see in the
>> error_log:
>>
>> [Tue Oct 07 08:51:58 2014] [error] [client 208.83.67.156] Directory
>> index forbidden by Options directive: /var/www/html/
>>
>> And maybe this is not the right restriction, because when I make this
>> change directly in the default httpd.conf, I still can get to the
>> default web page.
>>
>> Now on to the 'allow' statement.  All syntax examples I have seen for it
>> follow:
>>
>> allow from 1.1.1.0/24 1.1.2.0/24 2400:cb00:2048:1::/64
>>
>> and soforth.  That is each range separated by a space.  But potentially
>> I have 18 ranges to specify, and at least named makes it easy with each
>> range on its own line ending with a ';'.  For now I am only putting 2
>> ranges in, but how does one set up a longer list of allowed ranges?
>>
>> thanks