No, the order is correct. The Deny directive is evaluated last. And it does work the way it's supposed to--allowing from everyone except the particular IP range.

I did send the following follow up post which explains what I was overlooking:

"I've got egg on my face. It works just fine. I was looking at the log file to determine if the IP was still getting in. What I didn't realize was that the return code was 403--Forbidden, but it was still being logged."


web400@xxxxxxxxxxxxxxxx wrote:

Shouldn't it be "Order Deny,Allow"?! Seems to me that it's checking the Allow directive first, because that's the order you've set up. Since Allow says that everyone is allowed, it never checks the Deny.

Changing the order to Deny,Allow should solve this.

---
Scott Klement  http://www.scottklement.com




On Thu, 10 Nov 2005, Wayne McAlpine wrote:

I'm trying unsuccessfully to add a directive to the Apache server to block a range of IP addresses from 216.126.140.0 to 216.126.140.255.

I've added the following code to the directory entry I'm trying to block:

  <Directory /qsys.lib/cgilib.lib/cgimain.pgm*/>
  Order Allow,Deny
  Allow From all
  Deny From 216.126.140.0/255.255.255.0
  </Directory>

I've ended and restarted the server instance but the offending IP is still getting in. Anyone have any suggestions as to what I'm doing wrong?


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.