Server Fault Asked by jakobbg on December 15, 2020
I’ve upgraded from Ubuntu 12.04 LTS to 14.04 LTS, and suddenly, my Apache 2.4 (previous: Apache 2.2) now lets everybody in to my virtual host, which is unfortunate :-).
What am I doing wrong? Anything with the Order/Allow lines? Any help is greatly appreciated!
Here’s my current config;
<VirtualHost *:443>
DavLockDB /etc/apache2/var/DavLock
ServerAdmin [email protected]
ServerName foo.mydomain.com
DocumentRoot /srv/www/foo
Include ssl-vhosts.conf
<Directory /srv/www/foo>
Order allow,deny
Allow from all
Dav On
Options FollowSymLinks Indexes
AllowOverride None
AuthBasicProvider ldap
AuthType Basic
AuthName "Domain foo"
AuthLDAPURL "ldap://localhost:389/dc=mydomain,dc=com?uid" NONE
AuthLDAPBindDN "cn=searchUser, dc=mydomain, dc=com"
AuthLDAPBindPassword "ThisIsThePwd"
require ldap-group cn=users,dc=mydomain,dc=com
<FilesMatch '^.[Dd][Ss]_[Ss]'>
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch '.[Dd][Bb]'>
Order allow,deny
Deny from all
</FilesMatch>
</Directory>
ErrorLog /var/log/apache2/error-foo.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access-foo.log combined
</VirtualHost>
Foiled by Chrome cache, even though I was using Private Browsing. Weird.
Access log told me I was actually pre-authenticated. So when using a browser I never use (IE), it popped up with an authenticate dialog. And succeeded on binding to LDAP server. Nice.
Answered by jakobbg on December 15, 2020
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP