I'm using Apache Httpd 2.4 as a web server ,and I fail to allow access only from a specific host to a URL-path "/x" on my web server.
httpd.conf:
<Location "/x">
Require host myhost.com
</Location>
Basically it ignores "Require host myhost.com" and restricts access from all hosts.
authz_host, authz_core modules are enabled.
Am I missing anything?
Thanks
To make Require host work, you have to make sure that reverse dns lookup for your domain works properly. This is done by PTR (pointer) records in your DNS. You can check it with the dig command like this:
$ dig +short www.google.de
172.217.22.67
$ dig +noall +answer -x 172.217.22.67
67.22.217.172.in-addr.arpa. 85372 IN PTR fra15s17-in-f3.1e100.net.
67.22.217.172.in-addr.arpa. 85372 IN PTR fra15s17-in-f67.1e100.net.
Note that the IP of the PTR record is reversed: 172.217.22.67 <=> 67.22.217.172
So www.google.com has a proper reverse dns entry.
If your domain has no reverse dns pointer set you will find an entry like this in your apache error log (unless you have configured it to be in a different location it should be /var/log/apache2/error.log):
[Wed Dec 05 16:18:23.854771 2018] [authz_core:error] [pid 4711] [client W.X.Y.Z:54050] AH01630: client denied by server configuration: /var/www/example.com/x
As a workaround you could just use Require ip:
<Location "/x">
Require ip W.X.Y.Z
</Location>
where W.X.Y.Z is your IP according to the entry in the error.log.
Hope this helps, if so I would be glad if you would accept the answer.
Location /x? This could be an alias or a Directory directive or something the like. Also, could you check if Require ip works?This is a real issue with no proper solutions on stackoverflow, so let me give the solution right here:
SetEnvIf Host ^myhost\.com$ valid_domain
<Location "/x">
Require env valid_domain
</Location>
I don't know why this solves it, but it does
<Directory /var/www/x/>overriding the Location directive?