you could try /etc/hosts.deny On Fri, Dec 1, 2017 at 4:03 AM, Timothy D Legg <apa...@timothylegg.com> wrote:
> Hello, > > I am wanting to restrict a subdirectory of a website to a single, maybe > two, IP addresses. > > I will refer to this documentation: > httpd.apache.org/docs/current/howto/access.html > under the section "Access control by host". > > This document suggests that 'Allow', 'Order', and 'Deny' are deprecated, > so I am avoiding using these going forwards. It decided to exercise this > restriction with mod_authz_host. I verified that authz_core_module, > authz_host_module, authz_user_module are enabled. > > I added these lines inside the <VirtualHost *:443> block: > > <Directory /var/www/html/graphs> > Require ip 192.168.40.80 > </Directory> > > But a test revealed I was able to wget graphs/test.html on a different > machine (192.168.40.81). > > I've only read the documentation. Practically every non-Apache website > still uses Order-Allow-Deny methodologies, so it's still not clear how > this is actually done in practice. Why did this not work? > > Thanks, Timothy D Legg > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
