On Sunday, 29 November 2020 07:30:16 GMT [email protected] wrote: > I'm trying to deny access to all except specific IP address in a > directory, just testing it. > > In modules.d/00_default_settings.conf > > <Directory "/var/www/localhost/htdocs"> > Options MultiViews > AllowOverride All > Require all granted > </Directory> > > in admin/.htaccess > > <RequireAll> > Require all denied > Require ip 10.0.0.100 > </RequireAll> > > My IP is 10.0.0.112 and I can still access the server /admin directory > > What am I missing?
In apache 2.4 the access control syntax has changed. The RequireAll directive means *all* authorisation directives within it must succeed. https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#requireall What happens if you just remove the first line, "Require all denied"?
signature.asc
Description: This is a digitally signed message part.
