On Mon, Nov 04, 2019 at 09:08:36AM -0500, Gene Heskett wrote: > On Monday 04 November 2019 08:45:42 Greg Wooledge wrote: > > > On Fri, Nov 01, 2019 at 11:06:26PM +0100, tomas@tuxteam.de wrote: > > > That will depend on whether apache is compiled with tcpwrappers > > > (that's the library implementing the hosts.{allow,deny} policies). I > > > don't know whether Debian's distribution does that (perhaps others > > > will). > > > > It's not. > > Oh fudge, no wonder my mechinations with /etc/hosts.deny have zero long > term effect. > > Does apache2 have its own module that would prevent its responding to an > ipv4 address presented in a .conf file as "xx.xx.xx.xx/24" format? More or less (your request is too specific, the /24 can be an arbitrary netmask). This has come up already in this thread. See, e.g. https://httpd.apache.org/docs/2.4/howto/access.html for several ways to skin that cat. I can't tell you how to actually weave those configuration snippets into the Debian-provided config -- it's a long time since I "did" Apache myself. I know that Debian breaks down the config into multiple files to ease separate package configuration. All lives somewhere under /etc/apache2, there are subdirectories for configuration snippets (conf-available and conf-enabled -- the latter being just a link farm to the former, to ease dis- and enabling of individual config items: there are commands for that (a2enconf, a2disconf) -- likewise for different sites (if your Apache is serving several sites). It's bound to be a panoramic ride. Apache config is a heck of a dungeon. But I think this is where you should start. Cheers -- t
Attachment:
signature.asc
Description: Digital signature