You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by susan hall <su...@prodigy.net> on 2003/11/07 21:03:08 UTC
[users@httpd] Qu re config for cookie string + ip access control
Hello,
I have a 1.3.28 webserver open to the world, that is used to update
member accounts. Members login to the site with their domain and
password to get a cookie, then they can update their own stuff only.
This website also has a "superuser" account that has authority to modify
any and all accounts; it is a unique domain/password. This special user
should be used only by a restricted set of people who would come from
identifiable ip ranges, but the urls it will use are identical to the
urls for all members.
The "super" account can be seen and identified in the cookie. I was
hoping to be able to use a combo of SetEnvIf cookie and Allow from
directives to impose a more restricted access by ip on just this
superuser, but I can't see how to say to the server some variation of:
If not superuser
allow from all
else
allow from xxx.yyy.xxx
Any suggestion appreciated.
Thanks, Susan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Qu re config for cookie string + ip access control
Posted by Joshua Slive <jo...@slive.ca>.
On Fri, 7 Nov 2003, susan hall wrote:
> The "super" account can be seen and identified in the cookie. I was
> hoping to be able to use a combo of SetEnvIf cookie and Allow from
> directives to impose a more restricted access by ip on just this
> superuser, but I can't see how to say to the server some variation of:
> If not superuser
> allow from all
> else
> allow from xxx.yyy.xxx
mod_rewrite.
It will look something like this:
RewriteCond %{HTTP_COOKIE} superuser
RewriteCond %{REMOTE_ADDR} ^xxx\.yyy\.xxx$
RerwiteRule .* - [F]
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org