I have a web site that I'm serving on an Apache server, and it has a number of different folders, but I only want the user to be able to access certain ones -- the majority of them I don't want the user to access. I tried modifying my /etc/apache2/conf.d/security file to do this, but I can't figure out why it's not working.
And before anyone asks, yes, I did restart apache, both with apachectl restart and service apache2 restart.
Anyway, my security file looks like this:
Code:
# Root directory
<Directory /var/www>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
# Directory I want the user to access
<Directory /var/www/mysite>
AllowOverride None
Order Allow,Deny
Allow from all
</Directory>
# Other directories for the user to access down here
This seems like it should work, based on a lot of Googling, but I'm still getting access to all my folders from the browser, and access to folder indexes, which I don't want in any folder, regardless of whether it can be seen in the browser.
Can anyone point me in the right direction about what I'm doing wrong, please?
restricted access...
Hi
I need to restrict users shell access to only $HOME under /home for each user. I don't want them getting out of their own directories. From what I understand chroot is something I could use, but I want to avoid this since it involves creating symbolic links to a number... (9 Replies)
I need to create a user that only has access to 1 directory (e.g. /vol/mita/test). The user needs to be able to rsh into that directory to run a script. The user should not be able to navigate to any other directories above /vol/mita/test. Any help would be appreciated! (4 Replies)
Hi All,
I'm on Solaris 8, I need to provide Read-only access to a user to 2 directories only.
Using rsh (restricted shell) as the user's login shell, I can restrict the user's access to a certain directory only, but how can I set in such a way that the user can access only the 2 directories... (4 Replies)
Hi,
I have web server (apache) installed in server-1 and i want to view the web pages from diferent servers also while the web server is running only in one server ....(all the servers are connected to office LAN)
right now all the servers have apache running......and CPU utilzation is at its... (2 Replies)
We want to secure access to a server by restricting the number of users who can login to it. Our users are NIS users. Only few of them can telnet/ssh this server.
Do you have any idea on how to implement that?
thanks. (1 Reply)
Hello all,
I am new to Linux and am trying to set a password for access to Apache server access. I have both Apache and Tomcat installed in my server, Apache forwards the requests to our Tomcat server which servers the java application we have.
The Java application is not configured to ask... (1 Reply)
Hi All,
I am facing a problem, regarding code security on a server.
We have configured a server which contains our code (ear present in jboss/server/xyz/deploy) in it, and need to bind the code to the server itself so that no one can take the code out of the. the problem is that the password of... (3 Replies)
Dear All,
I have created a user called "x" who is allowed only to FTP and it is working fine. Here my problem is, I want to give access to a particular directory say for eg:- /dump/test directory. I don't find any option in the useradd command to restrict access to this particular directory only... (1 Reply)
Hello,
I want to restrict access to our Subversion repositories to only our internal network.
I have a virtual host directive setup in Apache for the IP and port 443. When I put the following:
<VirtualHost 205.147.86.33:443>
<Directory "/var/www/svn/">
Order deny,allow
AllowOverride... (0 Replies)
Hello,
I want to restrict access to our Subversion repositories to only our internal network.
I have a virtual host directive setup in Apache for the IP and port 443. When I put the following:
<Directory "/var/www/svn/">
Order allow,deny
AllowOverride None
Allow from 10.5.10.0/24
Allow... (1 Reply)
Discussion started by: mojoman
1 Replies
LEARN ABOUT HPUX
apache2ctl
apache2ctl(8) System Manager's Manual apache2ctl(8)NAME
apache2ctl - Apache HTTP server control interface
SYNOPSIS
When acting in SysV init mode, apache2ctl takes simple, one-word commands, defined below.
apachectl command
apache2ctl command
When acting in pass-through mode, apache2ctl can take all the arguments available for the httpd binary.
apachectl [httpd-argument]
apache2ctl [httpd-argument]
DESCRIPTION
apache2ctl is a front end to the Apache HyperText Transfer Protocol (HTTP) server. It is designed to help the administrator control the
functioning of the Apache apache2 daemon.
NOTE: The default Debian configuration requires the environment variables APACHE_RUN_USER, APACHE_RUN_GROUP, and APACHE_PID_FILE to be set
in /etc/apache2/envvars.
The apache2ctl script returns a 0 exit value on success, and >0 if an error occurs. For more details, view the comments in the script.
OPTIONS
The command can be any one or more of the following options:
start Start the Apache daemon. Gives an error if it is already running.
stop Stops the Apache daemon.
restart Restarts the Apache daemon by sending it a SIGHUP. If the daemon is not running, it is started. This command automatically
checks the configuration files via configtest before initiating the restart to to catch the most obvious errors. However,
it is still possible for the daemon to die because of problems with the configuration.
fullstatus Displays a full status report from mod_status. For this to work, you need to have mod_status enabled on your server and a
text-based browser such as lynx available on your system. The URL used to access the status report can be set by setting the
APACHE_STATUSURL variable in /etc/apache2/envvars.
status Displays a brief status report. Similar to the fullstatus option, except that the list of requests currently being served is
omitted.
graceful Gracefully restarts the Apache daemon by sending it a SIGUSR1. If the daemon is not running, it is started. This differs
from a normal restart in that currently open connections are not aborted. A side effect is that old log files will not be
closed immediately. This means that if used in a log rotation script, a substantial delay may be necessary to ensure that
the old log files are closed before processing them. This command automatically checks the configuration files via
apache2ctl configtest before initiating the restart to to catch the most obvious errors. However, it is still possible for
the daemon to die because of problems with the configuration.
graceful-stop Gracefully stops the Apache httpd daemon. This differs from a normal stop in that currently open connections are not
aborted. A side effect is that old log files will not be closed immediately.
configtest Run a configuration file syntax test. It parses the configuration files and either reports Syntax Ok or information about the
particular syntax error. This test does not catch all errors.
help Displays a short help message.
The following option was available in earlier versions but has been removed.
startssl To start httpd with SSL support, you should edit your configuration file to include the relevant directives and then use the
normal apache2ctl start.
ENVIRONMENT
The behaviour of apache2ctl can be influenced with these environment variables: APACHE_HTTPD, APACHE_LYNX, APACHE_STATUSURL,
APACHE_ULIMIT_MAX_FILES, APACHE_RUN_DIR, APACHE_LOCK_DIR, APACHE_RUN_USER, APACHE_ARGUMENTS, APACHE_ENVVARS. See the comments in the
script for details. These variables (except APACHE_ENVVARS) can be set in /etc/apache2/envvars.
SEE ALSO apache2(8), /usr/share/doc/apache2/README.Debian.gz
April 2008 apache2ctl(8)
06-04-2013
Restricting directory access in Apache server
