Limit access on Apache 2.4 to ldap group

Posted by jakobbg on Server Fault
Published on 2014-08-25T07:23:25Z Indexed on 2014/08/25 10:21 UTC

I've upgraded from Ubuntu 12.04 LTS to 14.04 LTS, and suddenly, my Apache 2.4 (previous: Apache 2.2) now lets everybody in to my virtual host, which is unfortunate :-).

What am I doing wrong? Anything with the Order/Allow lines? Any help is greatly appreciated!

Here's my current config:

<VirtualHost *:443>
    DavLockDB /etc/apache2/var/DavLock
    ServerAdmin [email protected]
    ServerName foo.mydomain.com
    DocumentRoot /srv/www/foo

    Include ssl-vhosts.conf

    <Directory /srv/www/foo>
            Order allow,deny
            Allow from all

            Dav On

            Options FollowSymLinks Indexes
            AllowOverride None
            AuthBasicProvider ldap
            AuthType Basic
            AuthName "Domain foo"
            AuthLDAPURL "ldap://localhost:389/dc=mydomain,dc=com?uid" NONE
            AuthLDAPBindDN "cn=searchUser, dc=mydomain, dc=com"
            AuthLDAPBindPassword "ThisIsThePwd"
            require ldap-group cn=users,dc=mydomain,dc=com

            <FilesMatch '^\.[Dd][Ss]_[Ss]'>
                    Order allow,deny
                    Deny from all
            </FilesMatch>

            <FilesMatch '\.[Dd][Bb]'>
                    Order allow,deny
                    Deny from all
            </FilesMatch>
    </Directory>

    ErrorLog /var/log/apache2/error-foo.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/access-foo.log combined

</VirtualHost>

© Server Fault or respective owner
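
For comparison, an added example (not part of the original post): the same `<Directory>` block written only with Apache 2.4's native `Require` directives. The 2.2-style `Order`/`Allow`/`Deny` lines are handled in 2.4 by mod_access_compat, and the Apache documentation discourages mixing them with `Require` in one configuration. All paths, DNs and the group name are copied from the config above; the block assumes mod_authnz_ldap is loaded, as the original directives already require.

```apache
<Directory /srv/www/foo>
    Dav On

    Options FollowSymLinks Indexes
    AllowOverride None

    # Authentication: unchanged from the posted config
    AuthType Basic
    AuthName "Domain foo"
    AuthBasicProvider ldap
    AuthLDAPURL "ldap://localhost:389/dc=mydomain,dc=com?uid" NONE
    AuthLDAPBindDN "cn=searchUser, dc=mydomain, dc=com"
    AuthLDAPBindPassword "ThisIsThePwd"

    # Authorization: the only rule for this directory is LDAP group
    # membership. There is no "Order allow,deny" / "Allow from all" here;
    # in 2.4 host-based rules are also written with Require
    # (for example "Require ip ..." or "Require all granted").
    Require ldap-group cn=users,dc=mydomain,dc=com

    # 2.4 replacement for "Order allow,deny" + "Deny from all"
    <FilesMatch '^\.[Dd][Ss]_[Ss]'>
        Require all denied
    </FilesMatch>

    <FilesMatch '\.[Dd][Bb]'>
        Require all denied
    </FilesMatch>
</Directory>
```

After `apachectl configtest` and a reload, a request sent without credentials (for example `curl -i https://foo.mydomain.com/`) should come back as `401` with a `WWW-Authenticate: Basic` header rather than `200`.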
