The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

'Require host' doesn't work

Discussion in 'General Discussion' started by DennisMidjord, Aug 10, 2017 at 6:04 AM.

  1. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    79
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    Hi,

    We're having trouble getting 'Require host' working in .htaccess. So far we've tried this:
    Require host non_existing_host
    but it doesn't work.
    We're using Litespeed webserver, but I'd hardly doubt that this would be the reason why it wouldn't be working. Does anyone have an idea?
     
  2. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    258
    Likes Received:
    74
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    From the Apache docs mod_authz_host - Apache HTTP Server Version 2.4
    You might want to check if Require ip works, and that your reverse lookup for the host being called works as expected as Apache apparently checks both direct and reverse lookups.
     
  3. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    79
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    I've tested with Require ip as well, but no luck.
    It seems to work just fine:
    Am I missing something obvious?
     
  4. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    258
    Likes Received:
    74
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    I would have expected something like
     
  5. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    79
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    Not when nonexistinghostcPanel.com is not existing, right?
     
  6. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    258
    Likes Received:
    74
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    If the domain does not exist, it wont resolve and the require will fail !

    The requirement is for a domain that is, or ends in, a record that resolves both forward and backwards.

    If you can't make the require by ip work either, that might indicate a more systematic failure of the require directive. Perhaps you need to ensure you have mod_authz_host enabled ?
     
  7. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    79
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    Oh, you're right. I'm sorry.

    I've just tried with Require host cpanel.net, and I'm still able to access the website.

    authz_host_module is enabled (checked using httpd -M)
     
  8. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    258
    Likes Received:
    74
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Are any of your htaccess rules working ? do you have allow override on ?
     
  9. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    258
    Likes Received:
    74
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    You might try the following in the htaccess file :
    Code:
    <RequireAll>
    Require host example.org 
    </RequireAll>
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you provide some more information about how you are expecting that entry to work, and an example of the path where that .htaccess file exists (e.g. /home/$username/path/to/.htaccess)? Also, what's configured for "Optimize .htaccess (AllowOverride)" in "WHM >> Apache Configuration >> Global Configuration"?

    Thank you.
     
  11. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    79
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    Yes, Require all denied works perfectly fine.
    Still doesn't work.

    @cPanelMichael, the customer wants to deny all access to a folder (public_html/test/) from anyone, except from a PHP script that's running from another folder on the same account. The .htaccess is located here: /home/$username/public_html/test/.htaccess. "Optimize .htaccess" is currently set to "Search Home Directory and below", but I've also tried with "Search "/" and below" with no luck.
     
  12. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    258
    Likes Received:
    74
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    How about
    Code:
    <Limit GET POST PUT>
    order deny,allow
    deny from all
    allow from 127.0.0.1
    </Limit>
    
     
  13. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    79
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    Hi,

    That works perfectly fine. The customer wants to use Require host, however.
     
  14. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    258
    Likes Received:
    74
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Well........ all I can suggest is that you ensure that Apache can perform a reverse DNS lookup on the IP address to find the associated hostname works, and that a subsequent a forward lookup on the hostname to assure that it matches the original IP address.

    I would guess that the lookup of the domain name returns a shared IP and that a reverse lookup of that IP will return the hostname of the server - NOT the domain name you started with. You might need the domain on a dedicated IP with full host name and PTR records for this to work.

    Have you considered trying Require forward-dns that allows access to the server to be controlled based on simple host names ?
    Do be aware this is for host names - not domain names ! It probably wont be restrictive enough for your client if they don't allow you to use a simple localhost ip rule.

     
    #14 rpvw, Aug 11, 2017 at 8:19 AM
    Last edited: Aug 11, 2017 at 8:46 AM
Loading...

Share This Page