3

Solution: I have to put the allow/deny directives inside the first Directory directive(which also happens to be for the root). I'm guessing it's because it has a AllowOverride None that does't allow any children to specify allow/deny?

 <Directory /> Options FollowSymLinks AllowOverride None Order allow,deny Allow from all Deny from xxx.xx.xxx.xx </Directory>

Original:

This configuration still allows access to all IPs after apache restart

<VirtualHost *:80> ServerName www.xxx.com DocumentRoot /var/www/vhosts/xxx <Directory /var/www/vhosts/xxx> Options Indexes FollowSymLinks AllowOverride none Order deny,allow Deny from all Allow from 127.0.0.1 </Directory> </VirtualHost>
Improve this question
2
  • So you did have two <Directory> directive's like I surmised? Putting that directive on the root is an unusual step. Commented Feb 18, 2010 at 2:48
  • As Patrick R commented on question, putting a Directory directive with same path as documentroot cause troubles. I have similar problem in my apache config. I resolved just disabling the problematic Directory and writing options directly in virtualhost directive. Commented Sep 6, 2018 at 15:06

4 Answers 4

Reset to default
2

That should work. I just verified your code on my server to make sure I wasn't crazy. Are you sure you don't have a definition before this one that is taking precedence?

Create a test file in the folder on your server. Something like test.txt. You may find that you don't see it when you load that url in your browser. If that's the case then your definition above is getting skipped.

Improve this answer
3
  • 2
    There's an AllowOverride none so, a .htaccess should not be able to do anything. Commented Feb 18, 2010 at 0:06
  • Right again Mat. I'll remove that from what I said. Commented Feb 18, 2010 at 0:14
  • I have a sneaky suspicion that your <Directory> conditions will still be skipped altogether even if you used Mat's good answer. Commented Feb 18, 2010 at 0:23
1

For what you want to do, that is, only allow 127.0.0.1, you should do the following :

Order Allow,Deny Allow from 127.0.0.1

Which says first, allow things, then deny things, and deny things that did not match.

You should also not put your <Directory> block inside your <VirtualHost> one, but before it.

Improve this answer
2
  • Mat's definition should work. I'm still curious as to why yours doesn't. Commented Feb 17, 2010 at 23:47
  • @Mat - I think I'm misunderstanding you. Are you suggesting that one put the <Directory> block outside of the <VirtualHost> block? I must be misunderstanding you. How will the <Directory> be applied to the appropriate virtualhost? Commented Feb 18, 2010 at 0:19
0

Is this a Plesk system? Sometimes you have to watch how the various http includes are being compiled. You may have something in a later include file that is over writing your first statement.

Improve this answer
0

Thanks. this code works.

NameVirtualHost 127.0.0.1

NameVirtualHost 192.168.44.141

<VirtualHost 127.0.0.1 192.168.44.141> #ServerName localhost.com ServerName www.localhost.com DocumentRoot "E:/abcd" <Directory "E:/abcd/files"> Options Indexes FollowSymLinks AllowOverride none Order allow,deny Allow from 192.168.44.128 Deny from all </Directory> </VirtualHost>
Improve this answer
1
  • it works either use "Allow from" or "Deny from" in VirtualHost block. If i try to use both lines in VirtualHost block, it will not properly work. Commented Feb 25, 2013 at 11:22

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.