Restrict apache access

[ric449]

I have an Apache webserver running, but there are some important files and folders I have on there that I want to restrict access to, so they can only be accessed by me on my own computer. I know there must be some way to do it with allow 10.0.0.15(my local IP) and deny all, but where? Also, I would prefer to do it via httpd.conf than .htaccess.

[mairving]

It would be easier if at all possible to have these files in the same directory. That way you could password protect the directory with a username/password. You could combine that with the allowing access to only your IP address. I would do both since an IP address can be spoofed.

You can do it using either .htaccess or through httpd.conf. .htaccess just overrides the settings in httpd.conf if overrides are allowed. Keep in mind that .htaccess is read every time that a page is accessed so it can slow down your site a bit. httpd.conf is read once but remember that anytime you make changes in it, you have to restart the server.

Apache Auth How To.

[ric449]

Well I'm halfway there . The good thing is the folder is now restricted, you try it and you just get forbidden. The bad thing is I get locked out too, so I would have to remove it from httpd if I want to access it. I used:

Code:

{Directory htdocs/phpmyadmin}
        order allow,deny
        deny from All
        Allow from 10.0.0.15
{/Directory}

Under controls who can get stuff from this server.

[mairving]

You need to change the order to get it to work properly.

Code:

{Directory htdocs/phpmyadmin}
        order deny, allow
        deny from All
        Allow from 10.0.0.15
{/Directory}

[ric449]

Edited: Put myself at risk