iTP Secure WebServer System Administrator's Guide (Version 7.0)
Configuration Directives
iTP Secure WebServer System Administrator’s Guide—523346-012
A-51
Region Commands
Region Commands
A Region directive controls access by applying one or more special control
commands, called Region commands, to the region on the server that matches the
URL path specified in the directive. The Region commands you can specify are:
AddCGI env-var value
The AddCGI command sets a specified CGI environment variable (env-var) to a
default (value) for all CGI programs in a given region. For example:
Region /* {
AddCGI CGI_LIBRARY /usr/tandem/webserver/lib
}
In this example, environment variable CGI_LIBRARY is set to
/usr/tandem/webserver/lib for all CGI programs within the region /*.
The setting of an AddCGI command has no effect on server objects that are not
CGI programs.
For more information about CGI environment variables, see Section 8, Using
Common Gateway Interface (CGI) Programs.
AllowHost [-noexist] host-pattern ...
The AllowHost command returns an “access denied” message if a Web client's
host or IP address does not match one of the specified host patterns
(host-pattern...). If the Web client’s host name or IP address does not match,
no additional commands within the directive are evaluated. In specifying a host
pattern, you can use the special matching characters listed in Table A-5 on
page A-50.
If you specify the -noexist option, the AllowHost command returns a “not
found” message instead of an “access denied” message.
For example, the command in the following directive restricts access to the
/admin/ section of the server to hosts in the domain company.com:
Region /admin/ {
AllowHost *.company.com
}
Table A-6. URL Pattern-Matching Examples
Match Pattern Description
/admin/* This pattern matches any URL path that begins with the string
/admin/.
*.cgi This pattern matches any URL path that has the extension.cgi.
/images/*.gif This pattern matches any URL path that has the extension.gif in
or under the images directory.