wiki:UoL LAMP HowTo Deny Access from the Internet

Version 2 (modified by Richard Bramley, 9 years ago) ( diff )

--

UoL LAMP HowTo Deny Access from the Internet

Tags: UoL LAMP Server HowTo

Overview

Apache can allow or deny access based on IP address, but because the LAMP servers sit behind a Pound proxy server all the requests come from the same IP address. Pound puts the original IP address into an environment variable called X-Forwarded-For.

This method was adapted from Deny IP Address using Setenvif.

Procedure

  1. Add or replace the following lines to the Directory element of the application in the http.conf file.
<Directory ... >
    ...
    SetEnvIF X-Forwarded-For "(,| |^)143\.210\.\d{1,3}\.\d{1,3}(,| |$)" AllowIP
    Order deny,allow
    Deny from all
    Allow from env=AllowIP
    ...
</Directory>
  1. Restart apache

Error: Macro BackLinks(None) failed
'Environment' object has no attribute 'get_db_cnx'

Note: See TracWiki for help on using the wiki.