Limit access on Apache 2.4 to ldap group
Posted
by
jakobbg
on Server Fault
See other posts from Server Fault
or by jakobbg
Published on 2014-08-25T07:23:25Z
Indexed on
2014/08/25
10:21 UTC
Read the original article
Hit count: 228
I've upgraded from Ubuntu 12.04 LTS to 14.04 LTS, and suddenly, my Apache 2.4 (previous: Apache 2.2) now lets everybody in to my virtual host, which is unfortunate :-).
What am I doing wrong? Anything with the Order/Allow lines? Any help is greatly appreciated!
Here's my current config;
<VirtualHost *:443>
DavLockDB /etc/apache2/var/DavLock
ServerAdmin [email protected]
ServerName foo.mydomain.com
DocumentRoot /srv/www/foo
Include ssl-vhosts.conf
<Directory /srv/www/foo>
Order allow,deny
Allow from all
Dav On
Options FollowSymLinks Indexes
AllowOverride None
AuthBasicProvider ldap
AuthType Basic
AuthName "Domain foo"
AuthLDAPURL "ldap://localhost:389/dc=mydomain,dc=com?uid" NONE
AuthLDAPBindDN "cn=searchUser, dc=mydomain, dc=com"
AuthLDAPBindPassword "ThisIsThePwd"
require ldap-group cn=users,dc=mydomain,dc=com
<FilesMatch '^\.[Dd][Ss]_[Ss]'>
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch '\.[Dd][Bb]'>
Order allow,deny
Deny from all
</FilesMatch>
</Directory>
ErrorLog /var/log/apache2/error-foo.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access-foo.log combined
</VirtualHost>
© Server Fault or respective owner