On Mon, 27 Jan 2003, Pierfrancesco Caci wrote: > > hi, if you run apache 1.3.27-0.1.ipv6.r1, can you please check if > access control works? I got free access to my internal use only pages > from an external network, and I seem not to be able to stop that. The > only hint that I have, is that I'm getting to my server with a > ::ffff:x.y.z.t address (i.e. a mapped address). > > Apache2 doesn't have this problem (similar configuration). > > Pf > >
No I do not have this problem. I did test immediatly after you informed me on irc. ::ffff:X.Y.194.127 - - [27/Jan/2003:18:11:20 +0100] "GET / HTTP/1.0" 200 148 "-" "Lynx/2.8.4rel.1 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.6c" ::ffff:X.Y.194.127 - - [27/Jan/2003:18:11:30 +0100] "GET /stats/ HTTP/1.0" 403 277 "-" "Lynx/2.8.4rel.1 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.6c" this is the access i did. and the specific access control is: <Location /stats> order deny,allow deny from all allow from int.fabbione.net 3ffe:Y:X:3::/64 Options Indexes FollowSymLinks MultiViews </Location> of course X and Y are real values... Fabio
