Lighttpd Deny Access By IP Address (mod_access)
Written by Christian Foronda   
Thursday, 08 April 2010 09:53

Lighttpd ships with the mod_access module, which denies access to files whose path ends with a given string. To restrict access by client IP address, combine it with the remoteip conditional configuration.

Conditional Configuration:

Field name            Description
$HTTP["url"]          Match on the URL. If there are nested blocks, this must be the innermost block.
$HTTP["remoteip"]     Match on the remote IP or a remote network (Warning: doesn't work with IPv6 enabled).

<operator> is one of:

Operator    Value
==          string equal match
!=          string not equal match
=~          Perl-style regular expression match
!~          Perl-style regular expression not match

Configuration:

Open your lighttpd configuration file:

	# vi /etc/lighttpd/lighttpd.conf

 

Add mod_access to the list of server modules:

	server.modules = ( "mod_access" )

 

Examples:

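Block access to the http://domain.com/docs/ URL if the IP address is neither 192.168.1.5 nor 192.168.1.6:

	# anchor the pattern and escape the dots so that only these two addresses match
	$HTTP["remoteip"] !~ "^(192\.168\.1\.5|192\.168\.1\.6)$" {
		$HTTP["url"] =~ "^/docs/" {
			url.access-deny = ( "" )
		}
	}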

 

Do not allow IP address 192.168.1.5 to access the site:

	$HTTP["remoteip"] == "192.168.1.5" {
		url.access-deny = ( "" )
	}

 

Do not allow IP addresses 192.168.1.5 and 192.168.1.6 to access the site:

	# anchored so that addresses such as 192.168.1.50 are not blocked as well
	$HTTP["remoteip"] =~ "^(192\.168\.1\.5|192\.168\.1\.6)$" {
		url.access-deny = ( "" )
	}

 

Deny access to www.example.org to every client that is not in the 10.0.0.0/8 network:

	$HTTP["host"] == "www.example.org" {
		$HTTP["remoteip"] != "10.0.0.0/8" {
			url.access-deny = ( "" )
		}
	}

 

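Deny access to www.example.org to every client that is in neither the 10.0.0.0/8 nor the 172.16.2.0/24 network:

	# a remoteip == / != condition takes one address or one CIDR network,
	# so the two tests are nested rather than listed in a single string
	$HTTP["host"] == "www.example.org" {
		$HTTP["remoteip"] != "10.0.0.0/8" {
			$HTTP["remoteip"] != "172.16.2.0/24" {
				url.access-deny = ( "" )
			}
		}
	}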

 

Allow only 200.19.1.5 and 210.45.2.7 to access www.example.org/admin/:

	$HTTP["host"] == "www.example.org" {
		$HTTP["remoteip"] !~ "^(200\.19\.1\.5|210\.45\.2\.7)$" {
			$HTTP["url"] =~ "^/admin/" {
				url.access-deny = ( "" )
			}
		}
	}
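The /admin/ pattern above is anchored with ^ and $ and escapes its dots. The following Python check is an added example, not part of the original article; it shows which extra addresses a remoteip regular expression matches when those are left out, as in "192.168.1.5|192.168.1.6". It assumes Python's re.search behaves like lighttpd's regular expression match for patterns this simple, and the helper name unintended_matches is hypothetical.

```python
import ipaddress
import re


def unintended_matches(pattern, intended, network):
    """Return the addresses in `network` that `pattern` matches although
    they are not in `intended`.

    Uses search semantics (match anywhere in the string), which is how an
    unanchored =~ / !~ pattern is evaluated.
    """
    rx = re.compile(pattern)
    wanted = {ipaddress.ip_address(a) for a in intended}
    extra = []
    for addr in ipaddress.ip_network(network):
        if rx.search(str(addr)) and addr not in wanted:
            extra.append(str(addr))
    return extra


# Addresses the rule is meant to cover (taken from the examples on this page).
INTENDED = ["192.168.1.5", "192.168.1.6"]

# Unanchored, dots unescaped: "." matches any character and the pattern
# may match in the middle of a longer address.
LOOSE = "192.168.1.5|192.168.1.6"

# Anchored and escaped, in the style of the /admin/ example.
STRICT = r"^(192\.168\.1\.5|192\.168\.1\.6)$"


if __name__ == "__main__":
    for name, pattern in (("loose", LOOSE), ("strict", STRICT)):
        extra = unintended_matches(pattern, INTENDED, "192.168.1.0/24")
        print(f"{name}: {len(extra)} unintended matches in 192.168.1.0/24")
        for addr in extra:
            print("   ", addr)

    # The unescaped dot also lets a digit stand in for the separator,
    # so a whole unrelated /24 matches the loose pattern.
    far = unintended_matches(LOOSE, INTENDED, "192.168.145.0/24")
    print(f"loose: {len(far)} unintended matches in 192.168.145.0/24")
```

With `!~` (allow list) every unintended match is a client that is let in; with `=~` (deny list) it is a client that is blocked by mistake.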

 

Reference:

http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:Configuration

http://www.cyberciti.biz/tips/lighttpd-restrict-or-deny-access-by-ip-address.html




Last Updated on Wednesday, 09 February 2011 14:51