[转:http://blog.sina.com.cn/s/blog_56f098eb010006z4.html]
我们单位通讯录(即电话薄)是在网页上发布的,网页发布是用APACHE2做的WEB服务,另外我们单位的是按照不同部门划分了不同的网段,现在要实现一个功能,即10.7.0.0/255.255.0.0网段的用户不允许它们访问通讯录,这个APACHE中很容易实现。即在httpd.conf文件中修改两行即可以实现,注意看如下几行源代码:
#
<Directory "/usr/local/apache2/htdocs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Deny from 10.7.0.0/16
Allow from all
首先要注意的是我们要修改的deny allow部分是位于定义发布主页文件位置的那一行下面,即<Directory "/usr/local/apache2/htdocs">这一行下面,因为httpd.conf里面deny allow太多了,如果找不对地方,修改错了不起作用。
其次就是deny allow的写法,由于我们这次只是限制一个网段,所以就先写deny,再写allow,即
Deny from 10.7.0.0/16
Allow from all
改完了httpd.conf文件,再进入/usr/local/apache2/bin目录,执行./apachectl restart重启WEB发布进程,这样就可以了。