1
00:00:00,360 --> 00:00:06,000
Till now, we have seen how to launch a single website, then using virtualhost, name based virtualhosting

2
00:00:06,090 --> 00:00:07,870
IP based virtual hosting

3
00:00:08,270 --> 00:00:10,260
now we want to move toward the security.

4
00:00:10,890 --> 00:00:17,910
now we want to discuss about host based security on apache that mean how to grant or deny access based

5
00:00:17,910 --> 00:00:21,050
on IP address, network, hostname or domain.

6
00:00:21,780 --> 00:00:29,700
So in our case, the lab is again going to be that we used in our IP based virtual hosting.

7
00:00:29,700 --> 00:00:32,820
That means we have got three IP addresses one, two, three.

8
00:00:33,180 --> 00:00:39,990
And our directories are example1, example2, example3 from where we are serving the material

9
00:00:40,350 --> 00:00:45,330
and we will be using 10 and 20 system for our testing.

10
00:00:45,330 --> 00:00:53,670
Our host based security, now for implementing host based security, we required one option that is called

11
00:00:53,850 --> 00:01:02,020
Require, now require offers different ways to restrict access to your website or portion of your website.

12
00:01:02,220 --> 00:01:06,540
It is not sometimes necessary that you have to control only the whole site.

13
00:01:06,690 --> 00:01:13,050
Sometimes /admin is there company.

14
00:01:13,050 --> 00:01:14,070
Information is there.

15
00:01:14,220 --> 00:01:19,440
So you only want to block that admin that mean your site.

16
00:01:19,440 --> 00:01:27,000
www.example1.com/admin that you want to block portion of your website also

17
00:01:27,720 --> 00:01:31,990
and to enforce complex type of host based security.

18
00:01:32,350 --> 00:01:38,180
We can also use the RequiredAll, RequireAny and RequireNone parameter.

19
00:01:39,540 --> 00:01:42,000
We will see what is the meaning of all these.

20
00:01:42,000 --> 00:01:45,060
when we will be giving you different examples.

21
00:01:45,630 --> 00:01:52,650
Now access can be granted or denied based on your IP addresses, but you can specify the network

22
00:01:52,650 --> 00:01:53,010
also.

23
00:01:53,010 --> 00:02:01,110
You can specify the name of the systems also, or you can specify a grant or deny based on your domain

24
00:02:01,110 --> 00:02:01,310
name.

25
00:02:01,310 --> 00:02:09,900
also, please remember in older version of apache, instead of this, we used to use, allow, deny

26
00:02:09,900 --> 00:02:11,190
and order directives.

27
00:02:11,460 --> 00:02:16,040
But in new although you can use this, but it is not recommended practice.

28
00:02:16,230 --> 00:02:21,560
So in our case we will be using this Require, RequireAll, RequireAny type of things.

29
00:02:22,130 --> 00:02:31,490
And so we will be taking different cases, different type of situations, which system to block, which

30
00:02:31,500 --> 00:02:40,350
not to block, and what directive we have to write in our httpd.config to implement Host based

31
00:02:40,350 --> 00:02:40,890
security.