I have a web server at webIP off site. I have a second server for photos running a php photo gallery app behind apache at photoIP on my local LAN. I have a page on the web server that uses iframes to the photo server's images.

I am trying to restrice access to the photo server to requests from the web server using apache Allowoverride on the photo server. Here is what I have:

<VirtualHost photoIP:8080>
       
        DocumentRoot /var/www/gallery

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>

        <Directory /var/www/gallery>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All FileInfo Options
                Order allow,deny
                Deny from all
                # internal access
                Allow from 192.168.25.0/24
                Allow from 127
                # Web server
                Allow from webIP
        </Directory>

        ErrorLog /var/log/apache2/hammerhead/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel debug

        CustomLog /var/log/apache2/access.log combined

</VirtualHost>

I can access the photos from a machine on my local LAN, but not from hosts off my LAN. The only way to get it to work is to change Deny from all to Allow from all. What am I doing wrong?

Thanks!

Mark