You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "J.P. Wadkin C9951627" <C9...@hud.ac.uk> on 2002/06/02 15:21:49 UTC

Apache 1.3 .22 - "advanced" authentication question

All,
 
I've searched the Net, archives and FAQs - can't find an answer or anything
close to an answer for this question...
 
<Directory "/usr/local/apache/htdocs/someDirectory">
   AuthType Basic
   AuthName "Some secure directory"
   AuthUserFile /usr/local/apache/seeds/sesame
   Require group someGroup
   Allow from xxx.xxx. except xxx.xxx.xxx.xxx
   Satisfy any
</Directory>
 
A Perl script fetches HTML documents, alters them and serves them to the
client. In doing so, it makes it appear that the document requests are
originating internally rather than externally. This has the net effect of
bypassing security. I wanted to simply "allow" all local IP addresses
"except" the Web Server, otherwise "require" a username and password. The
Perl script is on one server, the documents are on another.
 
Any ideas?
 
Many thanks,
 
John

Re: Apache 1.3 .22 - "advanced" authentication question

Posted by Joshua Slive <jo...@slive.ca>.

J.P. Wadkin C9951627 wrote:
> All,
>  
> I've searched the Net, archives and FAQs - can't find an answer or 
> anything close to an answer for this question...
>  
> <Directory "/usr/local/apache/htdocs/someDirectory">
>    AuthType Basic
>    AuthName "Some secure directory"
>    AuthUserFile /usr/local/apache/seeds/sesame
>    Require group someGroup
>    Allow from xxx.xxx. except xxx.xxx.xxx.xxx

See:
http://httpd.apache.org/docs-2.0/mod/mod_access.html
Order allow,deny
Allow from xxx.xxx
Deny from xxx.xxx.xxx.xxx

Joshua.





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org