On Tue, Mar 23, 2010 at 5:29 PM, Wagner Pereira <wpere...@pop-sp.rnp.br> wrote: > Eric, > > The IPs aren't the same. See: 10.0.0.1 and 100.10.10.1 (this is only a way > to omit my real IPs) And they are different machines, of course.
They were in the access log you provided. > > This is my Apache's error.log: > > [Tue Mar 23 15:21:09 2010] [error] [client 10.0.0.1] client denied by server > configuration: /var/www/cvsweb/icons/dir.gif, referer: > http://100.10.10.1/cgi-bin/cvsweb/ > [Tue Mar 23 15:21:09 2010] [error] [client 10.0.0.1] client denied by server > configuration: /var/www/cvsweb/css/cvsweb.css, referer: > http://100.10.10.1/cgi-bin/cvsweb/ > [Tue Mar 23 15:21:12 2010] [error] [client 10.0.0.1] File does not exist: > /var/www/favicon.ico > Root '/var/lib/cvs' defined in @CVSrepositories is not a directory, entry > ignored at /usr/lib/cgi-bin/cvsweb line 497. Because you're not providing verbatim config/logs, it's impossible to help. Apache failed before it had to check auth, e.g. host-based access control. > > This weird thing is: this client (10.0.0.1) is able to access the Rancid via > cvsweb without the authentication (user/password). URL's other than the ones you included in the snippet? > > In other hand, I myself (from my client 10.0.0.2) need to access the Rancid > server, via cvsweb, providing and user and password, like I previously > configured (htaccess/htpasswd). > > And that's what the error.log logged into it: > > [Tue Mar 23 18:25:46 2010] [error] [client 10.0.0.2] (13)Permission denied: > Could not open password file: /var/www/cvsweb/.htpasswd, referer: > http://100.10.10.1/cgi-bin/cvsweb/ Your IP passed host-based access control, but Apache can't read the file in the error message. > [Tue Mar 23 18:25:46 2010] [error] [client 10.0.0.2] (13)Permission denied: > Could not open password file: /var/www/cvsweb/.htpasswd, referer: > http://100.10.10.1/cgi-bin/cvsweb/ > [Tue Mar 23 18:25:49 2010] [error] [client 10.0.0.2] File does not exist: > /var/www/favicon.ico > > Although, I am able to access the Rancid, after I informed the > user/password. That's odd. Sorry, I've got no idea what you're trying to describe and you still haven't provided the details of your authentication configuration. I did misread your referer in previous post as a proxy request though, so that's something to ignore, fwiw. -- Eric Covener cove...@gmail.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
