Re: [EMAIL PROTECTED] Allow/Deny directive and https

2007-09-26 Thread J.M. Castroagudin
Thank you very much, Joshua (and thank you all) I have tried: (code) DocumentRoot "/disc/html/https" ServerName secure.foo.com Order Deny,Allow Deny from All #Allow from env=intranet (/code) And it does not work. I still can connect to /intranet... I also tried: (

Re: [EMAIL PROTECTED] Allow/Deny directive and https

2007-09-26 Thread mikat
You had the order right. I don't know about your problem though. http://httpd.apache.org/docs/2.0/mod/mod_access.html J.M. Castroagudin wrote: > > Hmmm... I thought that "deny,allow", as I had, was the right order. I > mean, "first of all, nobody can get in. Then, if someone`s IP match > 'in

Re: [EMAIL PROTECTED] Allow/Deny directive and https

2007-09-25 Thread Joshua Slive
On 9/13/07, J.M. Castroagudin <[EMAIL PROTECTED]> wrote: > Hi everybody, > > I have been trying to limit access to certain 'directories' (inside a > https vhost) based on IP directives. Something like this: > > > SetEnvIf remote_addr W.X.Y.Z intranet > SetEnvIf Client-ip W.X.Y.Z intranet > > > > D

Re: [EMAIL PROTECTED] Allow/Deny directive and https

2007-09-25 Thread J.M. Castroagudin
Er... I don`t want to look like I am desperate... but i am actually a bit, hehe... Anyone has any idea about this? am I doing something wrong? any contribution will be welcome Thank you all very much! J.M. Castroagudin escribió: Hmmm... I thought that "deny,allow", as I had, was the right ord

Re: [EMAIL PROTECTED] Allow/Deny directive and https

2007-09-13 Thread J.M. Castroagudin
Hmmm... I thought that "deny,allow", as I had, was the right order. I mean, "first of all, nobody can get in. Then, if someone`s IP match 'intranet', let him in" Anyway, I tried changing it, and it behaves the same: no SSL, works right. With SSL, everybody can get in... Perhaps there is

RE: [EMAIL PROTECTED] Allow/Deny directive and https

2007-09-13 Thread Phillip Hamilton
I'm no ENV pro, but have you tried "Order Allow, Deny"? "deny,Allow" The deny directives are evaluated before the Allow directives. Access is allowed by default. Any client which does not match a deny directive or does match an Allow directive will be allowed access to the server." :) -Orig