ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button
  Apache Web-Serving with Mac OS X: Part 2
Subject:   Directory directives not working
Date:   2003-09-04 10:17:58
From:   anonymous2
I am running Apache 1.3.27 on Mac OS X Server v10.2.6 and would like to restrict access to a particular folder based on incoming IP number. In my httpd.conf file I added simply:

<Directory "/Library/WebServer/restrict">
Order Deny,Allow
Deny from All

and this restricts access to the "restrict" directory for everyone giving the Forbidden error page, as I would expect.

When I change the above to:

<Directory "/Library/WebServer/restrict">
Order Deny,Allow
Deny from All
Allow from 192.168.0 # IP number changed to protect the innocent--my intention would be to allow the entire 192.168.0.X domain in this example access to the restricted folder

However, Apache seems to ignore this Allow directive and I am again denied access from a machine on the 192.168.0.X domain.

The access_log says: - - [04/Sep/2003:08:12:28 -0400] "GET /restrict/restrict.html HTTP/1.1" 403 321

The error_log says:

[Thu Sep 4 08:12:28 2003] [error] [client] client denied by server configuration: /Library/WebServer/restrict/restrict.html

I've also tried the Allow directive in the form:

Allow from 192.168.0.

I've also tried entering the Directory directive in the httpd_macosxserver.conf file--which gives the same results.

mod_access.so is being loaded.


It appears that the Allow directive is working, although Apache doesn't appear to be checking it against the incoming user's IP number--it seems to be checking against the server's ip number.

For example, if I allow just one ip number:

Allow from

it denies access for the user

However, if I allow access for the SERVER'S IP number:

Allow from # where .20 is the server's IP number, EVERYONE is granted access.

This is driving me crazy...

Any suggestions would be greatly appreciated.