问题
I've a subdomain that I only want to be accessible internally; I'm trying to achieve this in Apache by editing the VirtualHost block for that domain. Can anybody see where I'm going wrong? Note, my internal IP address here are 192.168.10.xxx. My code is as follows:
<VirtualHost *:80>
ServerName test.example.co.uk
DocumentRoot /var/www/test
ErrorLog /var/log/apache2/error_test_co_uk.log
LogLevel warn
CustomLog /var/log/apache2/access_test_co_uk.log combined
<Directory /var/www/test>
Order allow,deny
Allow from 192.168.10.0/24
Allow from 127
</Directory>
</VirtualHost>
Thanks
回答1:
You're missing the Deny from all line? Oh, and using the wrong order.
Quoting the mod_access docs:
[...] all hosts in the apache.org domain are allowed access; all other hosts are denied access.
Order Deny,Allow Deny from all Allow from apache.org
回答2:
The problem is your allow line for the local network. Replace Allow from 192.168.10.0/24 with Allow from 192.168.10. (will allow 192.168.10.*).
For completeness, add a Deny from all line to make it clear that you're blocking everyone else.
回答3:
I suppose the path inside Directory tag should be simply /
<VirtualHost *:80>
ServerName test.example.co.uk
DocumentRoot /var/www/test
ErrorLog /var/log/apache2/error_test_co_uk.log
LogLevel warn
CustomLog /var/log/apache2/access_test_co_uk.log combined
<Directory />
Order allow,deny
Allow from 192.168.10.0/24
Allow from 127
</Directory>
</VirtualHost>
and please don't forgot to restart apache
来源:https://stackoverflow.com/questions/2683347/apache-restrict-to-ip-not-working