Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Apache - Restrict to IP not working

Tags:

apache

virtualhost

I've a subdomain that I only want to be accessible internally; I'm trying to achieve this in Apache by editing the VirtualHost block for that domain. Can anybody see where I'm going wrong? Note, my internal IP address here are 192.168.10.xxx. My code is as follows:

<VirtualHost *:80>
  ServerName test.example.co.uk
  DocumentRoot /var/www/test
  ErrorLog /var/log/apache2/error_test_co_uk.log
  LogLevel warn
  CustomLog /var/log/apache2/access_test_co_uk.log combined
  <Directory /var/www/test>
    Order allow,deny
    Allow from 192.168.10.0/24
    Allow from 127
  </Directory>
</VirtualHost>

Thanks

like image 744
Probocop Avatar asked Apr 21 '10 13:04

Probocop

People also ask

How do I restrict access to IP?

To restrict login for all users, complete the following steps: Click Restrict login by IP, then click Global restrictions tab . Enter the global IP address ranges (in CIDR notation) in the Restrict global login to allowed IP range field. Click Save configuration.

How do I allow only certain IP addresses?

How to manage access with an IP Manager? Go to Hosting → Manage → IP Manager: There, you will be able to find 2 options: add IPs to allow and block access to your website: Just add an IP you wish to create rules for, leave a note (optional) and click on Add.

How to restrict access to an IP address in Apache?

Apache’s configuration allows access to be restricted by IP address in both the main configuration file, virtualhost directives and .htaccess files. It can be useful to deny access to specific IP addresses, for example to keep a bad robot out; and it can equally be useful to deny access to all IP addresses but allow a select few in, ...

How do I restrict IP address access to a website?

Apache Restrict Access by IP Sometimes you may need to limit access or deny access by IP to your website. Apache allows you to limit directory access by IP, restrict file access by IP, limit URL access by IP. In fact, it allows you to restrict access to single IP, multiple IPs and range of IP addresses.

Why can't my IP address be blocked?

Have a look at your server's access logs, and check how your IP address is logged. You might actually be blocking an IPv4 address, while reaching your web server with your IPv6 address (which is not blocked). If you don't have access to these logs, just try to block your IPv6 the same way you're trying to block your IPv4.

Is'deny from all'really blocked by Apache?

But unfortunately it is not blocked. If I set 'Deny from all' in the third line of my .htaccess, all access is blocked as expected. So it seems the directive is read by Apache but if I set anything else but 'from all' i. e. a host name or an IP or an IP wildcard etc. no blocking happens.

1 Answers

You're missing the Deny from all line? Oh, and using the wrong order.

Quoting the mod_access docs:

[...] all hosts in the apache.org domain are allowed access; all other hosts are denied access.

Order Deny,Allow
Deny from all
Allow from apache.org
like image 146
ndim Avatar answered Oct 14 '22 20:10

ndim
Sign in to Comment

Related questions

Rewrite condition catchall if the URI doesn't start with this
How can I change default port number of Activemq
Redirect all request from old domain to new domain
Apache mod_proxy_fcgi and PHP-FPM (php-cgi.exe) issue (No input file specified.) on Windows
React app is looking for static files in different location when using proxy
Apache-ssl vs mod_ssl
Apache's ErrorDocument directive does not redirect
How to remove part of URl with .htaccess?
Apache 403 while serving Django static files
Cannot access to web server via local IP address on UBUNTU 12.10
Use "Redirect" and "ProxyPass"
Not able to see STDERR Output with docker
apache map single subdomain to folder
.htaccess in Multiple Environments
How can I escape slash sign `/` in Apache `<If>` directive's regex?
ProxyPreserveHost seems to do little for me
Slow access to Django's request.body
How do I make a url forbidden in apache mod_rewrite, based on the query string?
Apache's limit to POST request size
(notice) child pid XXXX exit signal Segmentation fault (11), possible coredump in /etc/apache2

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!