Apache *.conf files and security

Discussion in 'Server Operation' started by robertlouwen, Jun 2, 2009.

  1. robertlouwen

    robertlouwen New Member

    Gentlemen,

    In /etc/httpd/conf/httpd.conf there is this line: include conf.d/*.conf, so out of curiosity I looked in /etc/httpd/conf.d and found, among others:

    • BackupPC.conf
    • roundcubemail.conf
    • webalizer.conf
    In these files you can find their alias. Now when I go to http://something.org/alias I get error 401 (not authorized), error 403 (forbidden) and/or error 404 (page not found).

    If I change
    Code:
    order deny,allow
    deny from all
    allow from 127.0.0.1 
    Into this
    Code:
    order allow,deny
    allow from all
    #allow from 127.0.0.1
    am I exposing my server to a security risk?

    PS: when I changed the code, the pages showed with or without a username/password prompt.
     
    Last edited: Jun 2, 2009
  2. HooGLaNDeR

    HooGLaNDeR Member

    By altering these lines, you make it available to the whole world. If you have no problems with it, then there's no problem.
     
  3. robertlouwen

    robertlouwen New Member

    @ Hooglander,


    In the meantime I tried some other "allow from" lines:
    • allow from 192.168.0.1, my gateway, this works
    • allow from 192.168.0.10, a computer in my home network, does not work
    • allow from 192.168.0.100, my webserver, does not work
    • allow from 62.194.xxx.xxx, my internet IP, does not work
    I would like to access these pages from every computer (at work, at friends', when on holiday).
    There is no need for the world to access these pages.
     
  4. id10t

    id10t Member

    You can do it with a ssh tunnel...
     
  5. robertlouwen

    robertlouwen New Member

    ssh tunnel ????
     
  6. HooGLaNDeR

    HooGLaNDeR Member

    Code:
          Order Deny,Allow
          Deny From All
          Allow From 127.0.0.1
          Allow From 192.168.0.1
          Allow From 192.168.0.100
          Allow From 62.194.xxx.xxx
    
    Alternatively, you can allow it to the world, but protect it with .htaccess
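
To make the effect of the rule sets in this thread concrete, here is an added example (not part of any post, and not Apache's own code) that models how Apache 2.2 evaluates Order/Allow/Deny for IP-based rules. The client addresses are constructed, and the partly masked public address from post 6 is left out.

```python
import ipaddress

def _matches(client, specs):
    """True if client falls in any spec: 'all', a single IP, or a CIDR network."""
    addr = ipaddress.ip_address(client)
    return any(s.lower() == "all" or addr in ipaddress.ip_network(s, strict=False)
               for s in specs)

def is_allowed(order, allow, deny, client):
    """Simplified model of Apache 2.2 Order/Allow/Deny (IP and CIDR specs only)."""
    allowed, denied = _matches(client, allow), _matches(client, deny)
    key = order.replace(" ", "").lower()
    if key == "deny,allow":
        # Deny is checked first, Allow overrides it; unmatched clients get in.
        return allowed or not denied
    if key == "allow,deny":
        # Allow is checked first, Deny overrides it; unmatched clients are refused.
        return allowed and not denied
    raise ValueError("unsupported Order value: %r" % order)

# Rule sets taken from the thread.
ORIGINAL = dict(order="deny,allow", allow=["127.0.0.1"], deny=["all"])
OPENED = dict(order="allow,deny", allow=["all"], deny=[])
# Post 6 list, without the partly masked public address.
LISTED = dict(order="Deny,Allow", deny=["all"],
              allow=["127.0.0.1", "192.168.0.1", "192.168.0.100"])

# Constructed sample clients; 203.0.113.7 is a documentation address
# standing in for an arbitrary internet host.
CLIENTS = ["127.0.0.1", "192.168.0.1", "192.168.0.10", "203.0.113.7"]

def admitted(rules):
    """Return the sample clients that the given rule set lets through."""
    return [c for c in CLIENTS if is_allowed(client=c, **rules)]

if __name__ == "__main__":
    for name, rules in [("original", ORIGINAL), ("opened", OPENED), ("listed", LISTED)]:
        print(name, admitted(rules))
```

Under "deny,allow" the "Deny from all" line is what keeps unlisted hosts out: without it, a client that matches neither list is admitted.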
     
