[ale] Apache
Jim Popovitch
jimpop at yahoo.com
Mon May 29 15:41:43 EDT 2006
Bj?rn Gustafsson wrote:
> If you look at the httpd.conf file, you will probably see at least
> some sample <Location> blocks. These will typically include
> allow/deny pairs.
>
> For example:
>
> <Location /server-status>
> SetHandler server-status
> Order deny,allow
> Deny from all
> allow from 127.0.0.1
> allow from 192.168.0
> </Location>
>
> That allows the path /server-status to be accessed *only* from the
> loopback IP and from the 192.168.0.0/24 subnet. In the case of a
> typical location, you wouldn't need the SetHandler phrase -- that
> redirects the path /server-status to a special internal handler.
You could also allow from everywhere, but securely password protect it
by using these settings inside a VirtualHost setup for SSL:
<Location /server-status>
SetHandler server-status
AuthName "Status"
AuthType Basic
AuthUserFile /var/www/.htpasswd
require valid-user
</Location>
-Jim P.
More information about the Ale
mailing list