I have the following in my apache config file:
Define THUMBS_ROOT "//mysmbserver/website/thumbs"
Alias "/thumbs" "//mysmbserver/website/thumbs"
<Directory {THUMBS_ROOT}>
Options Indexes FollowSymLinks
<RequireAny>
Require ip 66.54.56.34
Require ip 159.101.84.4
</RequireAny>
</Directory>
LoadModule authz_core_module modules/mod_authz_core.so
My apache version is Apache/2.4.29 (Win64). (Yes I realise this is an old version of Apache - I can't upgrade due to it being an appliance device)
Even those I've added RequireAny and RequireIP apache is ignoring this and allowing any IP to access the thumbs directory. I can't figure out why. Can anyone help me understand?
Further complicating matters I have a load balancer device sitting in front of apache so really what I need to be looking at is X-Forwarded-For not the source IP. I'm not sure offhand if I need to do anything for RequireIP to detect X-Forwarded-For?
Either way though its allowing access regardless of IP.
Edit: I've also tried:
LoadModule authz_core_module modules/mod_authz_core.so
Define THUMBS_ROOT "//mysmbserver/website/thumbs"
Alias "/thumbs" "//mysmbserver/website/thumbs"
SetEnvIF X-Forwarded-For "66.54.56.34" AllowIP1
SetEnvIF X-Forwarded-For "159.101.84.4" AllowIP2
<Directory {THUMBS_ROOT}>
Options Indexes FollowSymLinks
<RequireAny>
Require env AllowIP1
Require env AllowIP2
</RequireAny>
</Directory>
That doesn't work either.
According to the documentation, the path in a
<Directory>directive has to be a file system path, not an alias or variable. So I think your directive isn't having any effect, since there's no path{THUMBS_ROOT}in the file system.Possible options:
<Directory //mysmbserver/website/thumbs>. I don't know if this will work, but it might if Windows treats it as a valid file system path.<Location /thumbs>