Harden security

jang · Oct 5, 2006

Is it possible to limit the webaccess to ISP-config to certain IP-numbers by putting a .htaccess file somewhere?

The goal is to achieve that everyone can access http://ww.example.com but only some ip-adresses can access https://www.example.com:81

How should I do that?

Or isn't that considered to be a security issue. I installed a few days ago the denyhosts (following the excellent tutorial), and my list of hosts.deny is allready quite long.

Thx,

Jang

Ben · Oct 6, 2006

You can either do that with firewallrules or with an htaccess / change in ispconfig's apache config (in httpd.conf it is about line 340)

<Directory "/home/admispconfig/ispconfig/web">

#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options FollowSymLinks MultiViews

#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride None

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
Click to expand...

till · Oct 6, 2006

Yust for reference, Ben is talking about this httpd.conf file

/root/ispconfig/httpd/conf/httpd.conf

Ben · Oct 6, 2006

that's right, sry

jang · Oct 6, 2006

Done,

thx!

Jang

Log in or Sign up

Harden security

jang New Member

Ben Active Member Moderator

till Super Moderator Staff Member ISPConfig Developer

Ben Active Member Moderator

jang New Member

Share This Page

Log in or Sign up

Harden security

jang New Member

Ben Active Member Moderator

till Super Moderator Staff Member ISPConfig Developer

Ben Active Member Moderator

jang New Member

Share This Page

Useful Searches