On Fri, Nov 01, 2019 at 11:06:26PM +0100, to...@tuxteam.de wrote: > That will depend on whether apache is compiled with tcpwrappers (that's > the library implementing the hosts.{allow,deny} policies). I don't > know whether Debian's distribution does that (perhaps others will).
It's not. arc3:~$ dpkg -l \*apache\* | grep '^.i' ii apache2 2.4.38-3+deb10u3 i386 Apache HTTP Server ii apache2-bin 2.4.38-3+deb10u3 i386 Apache HTTP Server (modules and other binary files) ii apache2-data 2.4.38-3+deb10u3 all Apache HTTP Server (common files) ii apache2-utils 2.4.38-3+deb10u3 i386 Apache HTTP Server (utility programs for web servers) ii libapache2-mod-authnz-pam 1.2.0-1 i386 PAM authorization checker and PAM Basic Authentication provider ii libapache2-mod-php 2:7.3+69 all server-side, HTML-embedded scripting language (Apache 2 module) (default) ii libapache2-mod-php5 5.6.30+dfsg-0+deb8u1 i386 server-side, HTML-embedded scripting language (Apache 2 module) ii libapache2-mod-php7.0 7.0.33-0+deb9u3 i386 server-side, HTML-embedded scripting language (Apache 2 module) ii libapache2-mod-php7.3 7.3.9-1~deb10u1 i386 server-side, HTML-embedded scripting language (Apache 2 module) arc3:~$ for i in apache2 apache2-bin apache2-data apache2-utils; do apt-cache show "$i" | grep wrap; done arc3:~$