Allow only certain files to be exposed to the web on Lighttpd?

Question

Just installed it on my linux desktop, and I only want 1 or 2 files accessible to the outside world. Everything else should only be accessibly via http://localhost/ for various privacy/security reasons. It is just a test server, don't want just anybody accessing my large batch files.

How would you go about allowing only certain select files access to the internet and making everything else available only via http://localhost/?

score 1 · Answer 1 · answered Feb 07 '11 at 08:06

1

bind to localhost only:

server.bind                = "localhost"

use iptables:

iptables -I INPUT 1 -p tcp ! -s 127.0.0.1 --dport 80 -j DROP

use $HTTP["remoteip"]:

$HTTP["remoteip"] =~ "127.0.0.1" {
        alias.url += (
                "/" => "/path_to_dir/",
        )
        $HTTP["url"] =~ "^/" {
                dir-listing.activate = "enable"
        }
}

answered Feb 07 '11 at 08:06

alvosu

8,437
25
22

Could you give a little more explanation on any of this, alvosu? I have followed your steps, but it is unclear what exactly path_to_dir are etc... – darkAsPitch Feb 22 '11 at 04:56
Also that regular expression match for the remote_ip isn't right technically - it would still work I suppose. – darkAsPitch Feb 22 '11 at 05:13

darkAsPitch · Accepted Answer · 2011-02-22T05:42:22.553

1

Here is the answer to the question I was looking for:

$HTTP["host"] != "localhost" {

     url.access-deny = ("")

     $HTTP["url"] =~ "^.*/only_allow_this_file\.php$" {
         url.access-deny = ("disable")
     }

}

No ip tables needed! Simply change "only_allow_this_file" to whatever filename you are doing your testing with, and only that file will be accessible from the internet.

edited Feb 22 '11 at 05:42

answered Feb 22 '11 at 05:33

darkAsPitch

1,931
4
25
42

Allow only certain files to be exposed to the web on Lighttpd?

2 Answers2