HPE Community
Operating System - HP-UX
1823725 Members
3353 Online
109664 Solutions
New Discussion юеВ

Restrict access to Apache on HP-UX

 
BradF
Frequent Advisor

тАО10-18-2002 12:56 PM

тАО10-18-2002 12:56 PM

Restrict access to Apache on HP-UX

I am running Apache 1.3 that came with NNM 6.2. I would like to restrict access to particular PCs/Work Stations.

I did an ovstop httpd
vi /opt/OV/httpd/conf/access.conf and added:
Order Allow,Deny
Allow from theuser.domain.com
Deny from all
I did an ovstart httpd

I am still able to connect from stations other than theuser.domain.com.

in /var/opt/OV/log/http_error_log:
[Fri Oct 18 16:37:00 2002] [error] client 10.49.69.68:1507 denied by server configuration: /opt/OV/httpd/htdocs/Perf

But I was still able to access the nnm reports and graphs from a 'denied client'?

How do I restrict access to the ITO/NNM Apache server?

Thanks,

Brad

0 Kudos
Reply
6 REPLIES 6
someone_4
Honored Contributor

тАО10-18-2002 01:18 PM

тАО10-18-2002 01:18 PM

Re: Restrict access to Apache on HP-UX

I dont know anything about nnm but what about if you restart the appache its self or maybe the ovstop httpd restarts the apache.
Just to restart apache its

/opt/apache/bin/apacheclt stop
/opt/apache/bin/apacheclt start

if that doesnt work take a look at /var/adm/inetd.sec
maybe you can do the allow there.

man inetd.sec

~ Richard

0 Kudos
Reply
BradF
Frequent Advisor

тАО10-18-2002 01:33 PM

тАО10-18-2002 01:33 PM

Re: Restrict access to Apache on HP-UX

For the ITO/NNM version of Apache
ovstop httpd
and
ovstart httpd
are used to stop and start the web server.
0 Kudos
Reply
harry d brown jr
Honored Contributor

тАО10-19-2002 09:18 AM

тАО10-19-2002 09:18 AM

Re: Restrict access to Apache on HP-UX

Are you sure it's reading access.conf ? remove the access and just deny all to see if it's working! Also after the ovstop httpd, do a ps -ef | grep http.

live free or die
harry
Live Free or Die
0 Kudos
Reply
BradF
Frequent Advisor

тАО10-21-2002 06:23 AM

тАО10-21-2002 06:23 AM

Re: Restrict access to Apache on HP-UX

I think it is reading access.conf but not really using it.

I did an ovstop httpd, then a ps -ef | grep httpd and it wasn't running.

I changed the access.conf file to deny all:
Order Allow,Deny
Deny from all

I restarted the httpd via ovstart httpd. I am still able to access the nnm graphs etc, I was unable to access them when the httpd was stopped.

In http_error_log I get the message that access is denied by server configuration but I can still access the nnm graphs etc. ???

Is there some other setting to force it to use access.conf or some other way to restrict access by IP?

-Brad
0 Kudos
Reply
Ben Sachs_1
Advisor

тАО10-21-2002 07:13 AM

тАО10-21-2002 07:13 AM

Re: Restrict access to Apache on HP-UX

not sure how apache is used with OV, but is there an httpd.conf file?

Check the settings in the directive which correspond to OV. The security settings you need, may need to be applied there, instead?
0 Kudos
Reply
Chris Xu
Trusted Contributor

тАО10-21-2002 08:06 AM

тАО10-21-2002 08:06 AM

Re: Restrict access to Apache on HP-UX

You can control access to the content such as your NNM graphics by modifying httpd.conf. Take a look at httpd.conf and go to the directory mapping sections. Use the same control syntax as you did in the access.conf in the directory where your NNM graphics locate. Good luck.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.