Menu
In Apache HTTP Server 2.4: How to restrict access to directory listings to some ip ranges? Files should be still publicly downloadable over URLs but directory listings should be restricted.
374
In Apache, directory listing is a default behavior that displays the contents of a directory if there is no default index file such as index. php or index. html.
For example, if you have someone spamming your message board, and you want to keep them out, you could do the following: <RequireAll> Require all granted Require not ip 10.252. 46.165 </RequireAll> Visitors coming from that address ( 10.252. 46.165 ) will not be able to see the content covered by this directive.
Access control by User-Agent is an unreliable technique, since the User-Agent header can be set to anything at all, at the whim of the end user. In the above example, the environment variable GoAway is set to 1 if the User-Agent matches the string BadBot . Then we deny access for any request when this variable is set.
This is possible with <If> Expression.
This is your vhost/conf:
<VirtualHost *:80>
DocumentRoot /var/www/html
Options -Indexes # disable listing
<If "%{REMOTE_ADDR} == '10.0.0.5'">
Options +Indexes # enable listing if ip matches
</If>
</VirtualHost>
<Directory /var/www/html>
Require all granted
</Directory>
Tested it with Ubuntu Server and Windows with Apache 2.4 – sadly this won't work with older Apache versions.
For IP ranges it is possible to use another way to check the IP:
<If "%{REMOTE_ADDR} -ipmatch '10.0.0.0/8'">
or faster way is with -R:
<If "-R '192.168.0.0/16' || -R '10.0.248.0/24'">
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
