Apache2 ACL

To: debian-user@lists.debian.org
Subject: Apache2 ACL
From: Lars <debs@utysket.dk>
Date: Mon, 16 Jun 2008 19:22:49 +0200
Message-id: <[🔎] 4856a11a$0$90274$14726298@news.sunsite.dk>

Hi

My network is split into the LAN (192.168.0.0/27) and DMZ(192.168.0.32/29). My web-server, Apache2 on Debian Etch, is located inthe DMZ zone. The ACL on the webserver allows all from the LAN networkto access and other has to authenticate. Until a few weeks ago it workedfine, but now all has to login. In the apache2-log users from LAN usedto have the entry IP 192.168.0.1 from the firewall's NIC from the LANside, but now it's the NIC from the DMZ side that appear in the log andeverybody has to login.


<Directory /www/dom.dk>
       DAV On
       AuthType Basic
       AuthBasicProvider ldap
       AuthName "Home"
       AuthzLDAPAuthoritative off
       AuthLDAPURL ldap://ldap.dom.dk:389/ou=People,dc=dom,dc=dk
       AuthLDAPBindDN "cn=apache-user,dc=dom,dc=dk"
       AuthLDAPBindPassword "<password>"
       require valid-user
       Order deny,allow
       Deny from all
       Allow from 192.168.0.0/255.255.255.224
       Satisfy any
</Directory>

Network:

User: 192.168.0.22 ---> {FW-LAN: 192.168.0.1/27 >FW-DMZ:192.168.0.33/29} --> WWW: 192.168.0.34/29

--
/Lars

Reply to:

Prev by Date: Re: making bootup fsck more user-friendly
Next by Date: Re: making bootup fsck more user-friendly
Previous by thread: iceweasel 3 (sid) + Mouse buttons do not work as Back and Forward
Next by thread: printing with firefox 3
Index(es):
- Date
- Thread