Apache:限制对虚拟主机内特定源IP的访问
[英]Apache: Restrict access to specific source IP inside virtual host
问题描述
I have several named virtual hosts on the same apache server, for one of the virtual host I need to ensure only a specific set of IP addresses are allowed to access. 
我在同一个apache服务器上有几个命名的虚拟主机,对于其中一个虚拟主机,我需要确保仅允许一组特定的IP地址被访问。
Please suggest the best way to do this. 请提出最佳方法。 I have looked at mod_authz_hosts module but it does not look like I can do it inside virtual host. 我看过mod_authz_hosts模块,但看起来好像不能在虚拟主机内完成。
4 个解决方案
解决方案1
45 已采纳 2013-11-07 20:06:22
The mod_authz_host directives need to be inside a <Location> or <Directory> block but I've used the former within <VirtualHost> like so for Apache 2.2: mod_authz_host指令需要位于<Location>或<Directory>块中,但是我已经在<VirtualHost>使用了前者,例如Apache 2.2:
<VirtualHost *:8080>
<Location />
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
...
</VirtualHost>
Reference: https://askubuntu.com/questions/262981/how-to-install-mod-authz-host-in-apache 参考: https : //askubuntu.com/questions/262981/how-to-install-mod-authz-host-in-apache
解决方案2
26 2016-12-12 16:11:13
For Apache 2.4, you would use the Require IP directive . 对于Apache 2.4,您可以使用Require IP指令 。 So to only allow machines from the 192.168.0.0/24 network (range 192.168.0.0 - 192.168.0.255) 因此,仅允许来自192.168.0.0/24网络(范围192.168.0.0-192.168.0.255)的计算机
<VirtualHost *:80>
<Location />
Require ip 192.168.0.0/24
</Location>
...
</VirtualHost>
And if you just want the localhost machine to have access, then there's a special Require local directive . 而且,如果您只是希望localhost机器具有访问权限,则有一个特殊的Require local指令 。
The local provider allows access to the server if any of the following conditions is true:
- the client address matches 127.0.0.0/8
- the client address is ::1
- both the client and the server address of the connection are the same
This allows a convenient way to match connections that originate from the local host:
<VirtualHost *:80>
<Location />
Require local
</Location>
...
</VirtualHost>
解决方案3
6 2013-10-31 16:47:21
If you are using apache 2.2 inside your virtual host you should add following directive ( mod_authz_host ): 如果您在虚拟主机中使用apache 2.2,则应添加以下指令( mod_authz_host ):
Order deny,allow
Deny from all
Allow from 10.0.0.1
You can even specify a subnet 您甚至可以指定一个子网
Allow from 10.0.0
Apache 2.4 looks like a little different as configuration. Apache 2.4的配置看起来有些不同。 Maybe better you specify which version of apache are you using. 最好指定使用的是哪个版本的apache。
解决方案4
3 2017-05-05 08:48:53
In Apache 2.4, the authorization configuration syntax has changed, and the Order , Deny or Allow directives should no longer be used. 在Apache 2.4中,授权配置语法已更改,并且不应再使用Order , Deny或Allow指令。
The new way to do this would be: 执行此操作的新方法是:
<VirtualHost *:8080>
<Location />
Require ip 192.168.1.0
</Location>
...
</VirtualHost>
Further examples using the new syntax can be found in the Apache documentation: Upgrading to 2.4 from 2.2 在Apache文档中可以找到使用新语法的更多示例: 从2.2升级到2.4
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.