I have a web site that I'm serving on an Apache server, and it has a number of different folders, but I only want the user to be able to access certain ones -- the majority of them I don't want the user to access. I tried modifying my /etc/apache2/conf.d/security file to do this, but I can't figure out why it's not working.
And before anyone asks, yes, I did restart apache, both with apachectl restart and service apache2 restart.
Anyway, my security file looks like this:
Code:
# Root directory
<Directory /var/www>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
# Directory I want the user to access
<Directory /var/www/mysite>
AllowOverride None
Order Allow,Deny
Allow from all
</Directory>
# Other directories for the user to access down here
This seems like it should work, based on a lot of Googling, but I'm still getting access to all my folders from the browser, and access to folder indexes, which I don't want in any folder, regardless of whether it can be seen in the browser.
Can anyone point me in the right direction about what I'm doing wrong, please?
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Hi All,
I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only.
Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Hi,
I have web server (apache) installed in server-1 and i want to view the web pages from diferent servers also while the web server is running only in one server ....(all the servers are connected to office LAN)
right now all the servers have apache running......and CPU utilzation is at its... (2 Replies)
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks. (1 Reply)
Hello all,
I am new to Linux and am trying to set a password for access to Apache server access. I have both Apache and Tomcat installed in my server, Apache forwards the requests to our Tomcat server which servers the java application we have.
The Java application is not configured to ask... (1 Reply)
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Dear All,
I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Hello,
I want to restrict access to our Subversion repositories to only our internal network.
I have a virtual host directive setup in Apache for the IP and port 443. When I put the following:
<VirtualHost 205.147.86.33:443>
<Directory "/var/www/svn/">
Order deny,allow
AllowOverride... (0 Replies)
Hello,
I want to restrict access to our Subversion repositories to only our internal network.
I have a virtual host directive setup in Apache for the IP and port 443. When I put the following:
<Directory "/var/www/svn/">
Order allow,deny
AllowOverride None
Allow from 10.5.10.0/24
Allow... (1 Reply)
Discussion started by: mojoman
1 Replies
LEARN ABOUT DEBIAN
apache2
APACHE2(8) apache2 APACHE2(8)NAME
apache2 - Apache Hypertext Transfer Protocol Server
SYNOPSIS
apache2 [ -d serverroot ] [ -f config ] [ -C directive ] [ -c directive ] [ -D parameter ] [ -e level ] [ -E file ] [ -k
start|restart|graceful|stop|graceful-stop ] [ -R directory ] [ -h ] [ -l ] [ -L ] [ -S ] [ -t ] [ -v ] [ -V ] [ -X ] [ -M ]
SUMMARY
apache2 is the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used
like this it will create a pool of child processes or threads to handle requests.
In general, apache2 should not be invoked directly, but rather should be invoked via /etc/init.d/apache2 or apache2ctl. The default Debian
configuration requires environment variables that are defined in /etc/apache2/envvars and are not available if apache2 is started directly.
However, apache2ctl can be used to pass arbitrary arguments to apache2.
DOCUMENTATION
The full documentation is available in the apache2-doc package or at http://httpd.apache.org/docs/2.2/ . Information about Debian specific
changes and configuration can be found in /usr/share/doc/apache2/README.Debian.gz .
OPTIONS -d serverroot
Set the initial value for the ServerRoot directive to serverroot. This can be overridden by the ServerRoot directive in the configu-
ration file.
-f config
Uses the directives in the file config on startup. If config does not begin with a /, then it is taken to be a path relative to the
ServerRoot. The default is /etc/apache2/apache2.conf.
-k start|restart|graceful|stop|graceful-stop
Signals apache2 to start, restart, or stop. See Stopping Apache for more information.
-C directive
Process the configuration directive before reading config files.
-c directive
Process the configuration directive after reading config files.
-D parameter
Sets a configuration parameter which can be used with <IfDefine> sections in the configuration files to conditionally skip or
process commands at server startup and restart.
-e level
Sets the LogLevel to level during server startup. This is useful for temporarily increasing the verbosity of the error messages to
find problems during startup.
-E file
Send error messages during server startup to file.
-R directory
When the server is compiled using the SHARED_CORE rule, this specifies the directory for the shared object files.
-h Output a short summary of available command line options.
-l Output a list of modules compiled into the server. This will not list dynamically loaded modules included using the LoadModule
directive.
-L Output a list of directives together with expected arguments and places where the directive is valid.
-M Dump a list of loaded Static and Shared Modules.
-S Show the settings as parsed from the config file (currently only shows the virtualhost settings).
-t Run syntax tests for configuration files only. The program immediately exits after these syntax parsing tests with either a return
code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error). If -D DUMP_VHOSTS is also set, details of the virtual host con-
figuration will be printed. If -D DUMP_MODULES is set, all loaded modules will be printed.
-v Print the version of apache2, and then exit.
-V Print the version and build parameters of apache2, and then exit.
-X Run apache2 in debug mode. Only one worker will be started and the server will not detach from the console.
SEE ALSO apache2ctl(8), /usr/share/doc/apache2/README.Debian.gz
Apache HTTP Server 2008-04-05 APACHE2(8)
06-04-2013
Restricting directory access in Apache server
