Coding With Fun

10.6 Apache's access control


May 24, 2021 That's what Linux should learn



Apache can control access to resources on a website based on information such as the source host name, the source IP address, or the browser characteristics of the source host. The Allow directive permits a host to access website resources on the server, and the Deny directive prohibits access. The Order directive is also used when access to website resources is allowed or denied; it defines the order in which the Allow and Deny directives take effect. The matching principle is to match in order and, if a match succeeds, to execute the default directive that follows. For example, "Order Allow,Deny" means that the source host is first matched against the allow rule; if the match succeeds, the access request is allowed, and otherwise the access request is denied.

Step 1: Start by creating a new subdirectory in the website data directory on the server, and in this subdirectory create a home page file containing the word "Successful".

Step 2: Open the configuration file of the httpd service and add the following rules after line 129 to restrict access by source host. This rule means that hosts using the Firefox browser are allowed to access the home page file on the server, and all other requests will be denied. Access using Firefox is shown in Figure 10-18.

[root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf
..................Some of the output is omitted..................
129 <Directory "/var/www/html/server">
130 SetEnvIf User-Agent "Firefox" ff=1
131 Order allow,deny
132 Allow from env=ff
133 </Directory>
..................Some of the output is omitted..................
[root@linuxprobe ~]# systemctl restart httpd
[root@linuxprobe ~]# firefox

Figure 10-18 Successful access using Firefox

In addition to matching the browser characteristics of the source host, access control can also be achieved by matching the IP address of the source host. For example, to allow only the host with the IP address 192.168.10.20 to access website resources, add the following rules after line 129 of the httpd service configuration file. After the httpd service is restarted, accessing the home page of the website from the local machine (i.e. the server, whose IP address is 192.168.10.10) produces an access-denied message, as shown in Figure 10-19.

[root@linuxprobe ~]# vim /etc/httpd/conf/httpd.conf
..................Some of the output is omitted..................
129 <Directory "/var/www/html/server">
130 Order allow,deny
131 Allow from 192.168.10.20
132 </Directory>
..................Some of the output is omitted..................
[root@linuxprobe ~]# systemctl restart httpd
[root@linuxprobe ~]# firefox

Figure 10-19 Access denied because the IP address does not meet the requirements
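
The Order/Allow/Deny evaluation used by both rule sets in this section, modeled in Python as an added example (not code from the original page or from Apache). It follows the match/default behavior given in the Apache documentation for both Order values, so it goes slightly beyond the single "Order allow,deny" case shown above. The function names and User-Agent strings are constructed; only `all`, `env=`, full IP addresses and CIDR ranges are handled. Note that `env=ff` is derived from a header the client supplies, while the IP rule tests the connection's source address.

```python
"""Simplified model of Order/Allow/Deny evaluation (added example)."""
import ipaddress
import re

def env_from_request(setenvif_rules, headers):
    # Model SetEnvIf: set the variable when the header matches the regex.
    env = set()
    for header, pattern, name in setenvif_rules:
        if re.search(pattern, headers.get(header, "")):
            env.add(name)
    return env

def spec_matches(spec, client_ip, env):
    # Model one "Allow from" / "Deny from" argument (hostnames not handled).
    if spec == "all":
        return True
    if spec.startswith("env="):
        return spec[4:] in env
    network = ipaddress.ip_network(spec, strict=False)
    return ipaddress.ip_address(client_ip) in network

def access_allowed(order, allow, deny, client_ip, env=frozenset()):
    allowed = any(spec_matches(s, client_ip, env) for s in allow)
    denied = any(spec_matches(s, client_ip, env) for s in deny)
    order = order.lower()
    if order == "allow,deny":
        # Default is deny: an Allow must match and no Deny may match.
        return allowed and not denied
    if order == "deny,allow":
        # Default is allow: a Deny match is overridden by an Allow match.
        return allowed or not denied
    raise ValueError("unknown Order value: " + order)

# The two rule sets from this section; User-Agent strings are constructed.
FIREFOX_UA = "Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0"

def browser_rule(user_agent, client_ip="192.168.10.10"):
    env = env_from_request([("User-Agent", "Firefox", "ff")],
                           {"User-Agent": user_agent})
    return access_allowed("allow,deny", ["env=ff"], [], client_ip, env)

def ip_rule(client_ip):
    return access_allowed("allow,deny", ["192.168.10.20"], [], client_ip)

if __name__ == "__main__":
    print("Firefox UA   :", browser_rule(FIREFOX_UA))
    print("curl UA      :", browser_rule("curl/7.61.1"))
    print("192.168.10.20:", ip_rule("192.168.10.20"))
    print("192.168.10.10:", ip_rule("192.168.10.10"))
```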