I'm no ENV pro, but have you tried "Order Allow, Deny"?

"deny,Allow"
The deny directives are evaluated before the Allow directives. Access is
allowed by default. Any client which does not match a deny directive or does
match an Allow directive will be allowed access to the server."


:)

-----Original Message-----
From: J.M. Castroagudin [mailto:[EMAIL PROTECTED] 
Sent: Thursday, September 13, 2007 8:47 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Allow/Deny directive and https

Hi everybody,

I have been trying to limit access to certain 'directories' (inside a 
https vhost) based on IP directives. Something like this:


SetEnvIf remote_addr W.X.Y.Z intranet
SetEnvIf Client-ip W.X.Y.Z intranet


<VirtualHost *:443>
DocumentRoot "/disc/html/https"
ServerName secure.foo.com

....

<Directory /disc/html/https/intranet>
    Order Deny,Allow
    Deny from All
    Allow from env=intranet
</Directory>

....

</VirtualHost>


There is only a https virtual host in this server.

But it seems not to work as expected. Accesing via 
'http://secure.foo.com', Deny and Allow directives work right (it is 
defined before in conf file). Although, entering via 
'https://secure.foo.com', everybody has acces to this directory...


Is there a way to do this? I am beginning thinking it can not be 
possible... it is?

Thanks in advance,

J.M.Castroagudín Silva



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to