Unable to limit Apache server-status page to localhost

Solution 1:

From what i can see, the virtual host config file seems to take precedence over the mod_status config file.

Actually you grant all to / within mysite.conf :

<Location />
        Require all granted
</Location>

This results in that everyone can access /server-status.

You would have to manage permissions to /server-status in the virtual host config file itself /etc/apache2/sites-enabled/status.conf :

DocumentRoot /var/www
 <Location />
        Require all granted
 </Location>
 <Location /server-status>
        Require local
 </Location>

From there, whatever permissions you set in /etc/apache2/mods-enabled/status.conf they will be ignored as /etc/apache2/sites-enabled/status.conf takes precedence.

Solution 2:

Use the below location directive in the status.conf

<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from localhost
</Location>

After this install lynx in your machine from CLI. Lynx is a fully-featured World Wide Web (WWW) client for users which can be accessed over Linux terminals.

For Ubuntu, Install lynx using

 apt-get install lynx

Run the below command to check apache server status

 lynx http://localhost/server-status