Hi there!
I see many people have difficulties setting up that specific clients are allowed for their servers. Well, I am having the problem, that obviously everybody gets access, despite my efforts to disallow this.
The Apache is a fresh install from the Bitnami WAPP-Stack. In the httpd.conf, I changed the DocumentRoot (which contain no htaccess file, or what ever this is called). Then I changed
Listen 80
to
Listen 127.0.0.1:80
For my DocumentRoot I set up:
Order allow,deny
Deny from All
Allow from None
and several other combinations that indicate that nobody should be allowed to enter.
Sadly, I have full access to my server from within my home-network (192.168....).
As I said, I didn't change anything else. This means, that there is
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
in my config file, which seems to disallow just anyone for everything where there is no specific rule.
What's wrong here?