[Novalug] OT apache restricting parent folder

Mackenzie Morgan macoafi@gmail.com
Thu Jul 17 14:01:02 EDT 2008


On Thu, Jul 17, 2008 at 1:58 PM, Miguel Gonzalez Castaños
<miguel_3_gonzalez@yahoo.es> wrote:
> Kevin Cole wrote:
>> On Thu, Jul 17, 2008 at 12:23, Kevin Cole <dc.loco@gmail.com> wrote:
>>
>>> On Thu, Jul 17, 2008 at 10:52, Mackenzie Morgan <macoafi@gmail.com> wrote:
>>>
>>>> On Thu, Jul 17, 2008 at 9:23 AM, Miguel Gonzalez Castaños
>>>> <miguel_3_gonzalez@yahoo.es> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>>  I'm playing with the directives allowing access based on IP addresses
>>>>> for the Trac Bug system. Apparently .htaccess failes are not being used
>>>>> so I have to put Location tags to limit access.
>>>>>
>>>>>  While it is pretty easy that I do grant access to everybody to
>>>>> /projects and then limit access to /projects/sandbox is really difficult
>>>>> to do it the other way round. Give access to sandbox but limit access to
>>>>> projects based on IP address. Why I want this? If you are able to see
>>>>> /projects, you can see the list of all projects hosted, and apparently
>>>>> they don't want this.
>>>>>
>>>>>  Anyway to work around this?
>>>>>
>>>> Turn off directory listings.  No, I don't know what the settings is,
>>>> but there is a way to make Apache not list everything when you just go
>>>> to the directory.
>>>>
>>> If memory serves, that would be the "Options Indexes"  (See also
>>> "AllowOverrides")
>>>
> Ok, the question is that Trac uses python and the listing of projects is
> done by Python. So I want to restrict the folder, not disable directory
> listing. Disabling directory listing what it does is not showing the
> list of files on that folder if there is no index.htm, html, php or
> whatever you define. This is not the case. I just want to restrict acess
> to the parent folder.
>
> As I said, I was able to do it the other way round (block access to
> subfolders) using the Allow from all or deny from all in the location tags

When you say .htaccess isn't being used...is that by *choice* or are
you considering that broken?  If it's supposed to work and isn't,
check that your httpd.conf has mod_access (if it's 2.1 or earlier) and
um...I forget the name in 2.2

-- 
Mackenzie Morgan
Linux User #432169
ACM Member #3445683
http://ubuntulinuxtipstricks.blogspot.com <-my blog of Ubuntu stuff
apt-get moo


More information about the Novalug mailing list