PDA

View Full Version : Apache: need help

salex
10th August 2009, 04:53 PM
Hi friends,

I tried to make my Apache not to serve any requests except GET and POST.
I Added:

<Limit GET POST>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST>
Order deny,allow
Deny from all
</LimitExcept>

Anyway if you:
telnet 1234.com 80
OPTIONS / HTTP/1.0

The result is as follows:
HTTP/1.1 200 OK
Date: Mon, 10 Aug 2009 15:41:21 GMT
Server: Apache
Allow: GET,HEAD,POST,OPTIONS,TRACE
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Where could be a problem?
Thanks a lot for you replies!!!
salex
10th August 2009, 06:59 PM
Hey!If it so easy please just advice, that would be helpful enough.
neogranas
11th August 2009, 05:46 AM

Where did you add that in your httpd.conf file? If you can, post the output of you apache config file, that may help.
salex
11th August 2009, 07:02 AM
Where did you add that in your httpd.conf file? If you can, post the output of you apache config file, that may help.

Hi neogranas,

Thanks for the reply. I added it twice: in VirtualHost section and before in Main' server configuration
here is info from the httpd.conf:
.....
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "/var/www/html"> # it is just my default page and that is all
Options None
AllowOverride None
Order allow,deny
Allow from all
<Limit GET POST>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
.........
<VirtualHost *:80>
ServerName mypage.org
ServerAlias www.mypage.org
DocumentRoot /mydirectory
ErrorLog /mydirectory/error.log
TransferLog /mydirectory/access.log

<Directory /mydirectory>
AllowOverride None
Options None
<Limit GET POST>
Order allow,deny
Allow from all
</Limit>
</LimitExcept>
Order allow,deny
Allow from all
</Directory>

Thanks for any help!!!
Vector
19th August 2009, 01:38 AM
<Directory /mydirectory>
AllowOverride None
Options None
<Limit GET POST>
Order allow,deny
Allow from all
</Limit>
</LimitExcept>
Order allow,deny
Allow from all
</Directory>

Is not properly nested. Should be:
<Directory /mydirectory>
AllowOverride None
Options None
<Limit GET POST>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST>
Order allow,deny
deny from all
</LimitExcept>
</Directory>

But if you already have this specified for the root web directory, then why duplicate it?
salex
21st August 2009, 12:25 PM
Dear Alex-Grim,

Yes, you are right I have already solved it like you posted and removed Limit&LimitExcept for the root web directory. Seems I was too tired that time.:)

Thanks a lot anyway!!!
salex
21st August 2009, 12:26 PM
We can close this thread.