Setting security in the access.conf file
You can set security settings in the access.conf file. You can prohibit one or more HTTP clients from accessing the HTTP server or a directory located on the HTTP server, by using the Deny directive. You can set security settings when you want to control which HTTP clients can access the HTTP server. For example, you can set up an HTTP server and allow only members to access your Web site. In the following access.conf file, three HTTP clients are prohibited from accessing the /var/www/islands directory located on the HTTP server. The security settings, along with the comment, appear in bold type.
To set security settings in the access.conf file
1. Click Application Starter, File Manager.
2. Type /etc/apache/ in the Address box.
3. Double-click on access.conf.
4. Configure the access.conf file.
You can refer to the following access.conf file for a reference.
5. Save the access.conf file.
Notes
After you configure the access.conf file, you must restart the HTTP server. For information about restarting the HTTP server, see "Starting and stopping the HTTP server."
For information about saving a file in Corel LINUX, see the Corel LINUX User Guide.
In the access.conf file listed below, the "#" symbol indicates a comment.
If an HTTP client tries to access the directory with an IP address that has been denied access, an error message informs the HTTP client they cannot access the directory.
# access.conf: Global access configuration
# Online docs at http://www.apache.org/
# This file defines server settings which affect which types of services
# are allowed, and in what circumstances.
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
# Originally by Rob McCool
# This should be changed to whatever you set DocumentRoot to.
<Directory /var/www>
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you (or at least, not yet).
Options Indexes FollowSymLinks
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
AllowOverride None
# Controls who can get stuff from this server.
order allow,deny
allow from all
</Directory>
# DENY THREE IP ADDRESSES ACCESS TO THE ISLANDS DIRECTORY
<Directory /var/www/Islands>
Order allow,deny
allow from all
deny from 120.150.8.43
deny from 120.150.106.6
deny from 120.150.4.65
</Directory>
# /usr/lib/cgi-bin should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory /usr/lib/cgi-bin>
AllowOverride None
Options ExecCGI FollowSymLinks
</Directory>