mod_authz_host new statements for Deny directive

2.5k Views Asked by At

I was using the following in my Apache 2.1 installation:

Order allow,deny
Allow from all
Deny from 203.XXX.YYY
Deny from 10.ABC
Deny from 10.CBA
Deny from 10.BCA
Deny from 10.ACB

After updating to 2.4.7; I'm supposed to use the mod_authz_host because of the following

Note

The directives provided by mod_access_compat have been deprecated by the new authz refactoring. Please see mod_authz_host.

I've read the page linked above, and there is no mention of denying certain IP ranges using the Require directive. For now, I've the following in my conf file:

Require all granted

I tried using the following:

Require ip 10.142 denied

But apachectl -t tells me:

AH00526: Syntax error on line 22 of <path_to_apache2>/conf/myown.conf:
ip address 'denied' appears to be invalid

How do I rewrite my former statements in the newer module?

1

There are 1 best solutions below

3
On BEST ANSWER

Based on documentation can you replace this line:

Require ip 10.142 denied

By this code:

Require all granted
Require not ip 10.142
# more Require not lines

EDIT

The above needed to be put inside <RequireAll> tags:

<RequireAll>
    Require all granted
    Require not ip 10.142
</RequireAll>