[users@httpd] Re: Redirect to https based on user ip address

[Joost de Heer <sa...@xs4all.nl>]

Noel Stratton wrote:
> Good Morning,
>
> I currently have an internal website.  I am now required to let users
> access the site outside of internal network.  I have got it working so
> that it will require authentication to an active directory domain when
> the user is outside of my network.  However, I now to make it where if
> the user is inside the domain the page comes up in http.  When the user
> is outside of the network it will make the pages come up in https.  Also
> authentication should be in https.  Here is my .htaccess file:
>
> order deny,allow
> deny from all
> allow from 10.13.1.
> allow from 10.13.2.
> allow from 10.13.3.
> allow from 10.13.4.
> satisfy any
> AuthName "Members 1st Credit Union Employees Only"
> AuthType Kerberos
> Krb5Keytab /etc/auth_kerb.keytab
> KrbAuthRealm MEMBERSONLINE.LOCAL
> KrbMethodNegotiate off
> KrbSaveCredentials off
> KrbVerifyKDC off
> Require valid-user
>
> I was working with the Mod_Rewrite stuff and got it to send it to https,
> but it did internally and externally.

Untested:

RewriteCond %{REMOTE_HOST} !10\.13\.[1-4]\.[0-9]+
RewriteRule (.*) https://your.host/path/to/$1 [R]

Furthermore, if you want to deny all, except for a few addresses, it's
safer to use 'Order allow,deny', and use only the allow lines, since then
the default action is 'deny'.

Joost


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org