Thursday, May 2, 2024
Homepage · security
 Popular · Latest · Hot · Upcoming
1
rated 0 times [  1] [ 0]  / answers: 1 / hits: 496  / 2 Years ago, fri, september 30, 2022, 6:19:16

I'm turning my VPS into a development server which will hold development copies of all my websites, controlled by git. Of course, I installed the LAMP server so I can test them.



I've already configured Apache to server through port 8080. However I'm trying to get it to be much more secure. The idea is to only allow certain people to view the content (based on IP or password I guess). Is there a way I can do this?



Another thing I was trying to figure out is what to chown and chgrp all the files in /var/www to. By default (at least in my case) everything is owner by root -- which is bad news. What's the best practise here?


More From » security
 Answers
7

Edit your /etc/apache2/sites-enabled/000-default and between <Directory /var/www/></Directory> replace



Order allow,deny with Order deny,allow and



allow from all with deny from all.



Then you can simply add your ips with allow from IP. After an apache reload it should work.



See also the official documentation.



Also per default apache runs under the user www-data, so a chown -R www-data:www-data /var/www to change the user and group should solve your root problem.


[#33078] Saturday, October 1, 2022, 2 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
barted
Add To Favorites
Follow
Total Points: 424
Total Questions: 103
Total Answers: 101
Location: Djibouti
Member since Sun, Feb 27, 2022
2 Years ago
barted questions
Fri, Feb 24, 23, 19:40, 1 Year ago
Wed, Sep 29, 21, 15:21, 3 Years ago
Wed, May 25, 22, 15:53, 2 Years ago
Wed, May 4, 22, 11:13, 2 Years ago
Sun, May 15, 22, 21:06, 2 Years ago
View All
;