You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Marc MENDEZ <cn...@yahoo.fr> on 2006/08/07 17:04:00 UTC
[users@httpd] Several .htaccess
Hi,
The root of our extranet site is protected by a .htaccess file. If the user
is inside our network, no identification is required. Otherwise, he must
identified.
Here is the file :
AuthUserFile path_to_password_file
AuthGroupFile /dev/null
AuthName ":: INFORMATIONS CONFIDENTIELLES ::"
AuthType Basic
<limit GET POST>
order deny,allow
deny from all
allow from our_network
require valid-user
satisfy any
</Limit>
It works
However, a subdirectory must be restricted differently : if the user is
outside our network, no access !
Here is the second .htaccess
Allow from our_network
Deny from all
This second .htaccess worked 'till I modify the first one to prevent users
from identifying if they are in our network.
I suppose that as the first .htaccess grants access to the whole website,
the second one is not used.....
How can I urge Apache to use the second one ?
Thanks for your help !
___________________________________________________________________________
Découvrez un nouveau moyen de poser toutes vos questions quelque soit le sujet !
Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences.
http://fr.answers.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Several .htaccess
Posted by Marc MENDEZ <cn...@yahoo.fr>.
Hi,
Great ! It works ! I didn't hope a so fast answer !
Thanks a lot !
----- Original Message -----
From: "Joshua Slive" <jo...@slive.ca>
To: <us...@httpd.apache.org>
Sent: Monday, August 07, 2006 5:42 PM
Subject: Re: [users@httpd] Several .htaccess
> On 8/7/06, Marc MENDEZ <cn...@yahoo.fr> wrote:
>> Hi,
>>
>> The root of our extranet site is protected by a .htaccess file. If the
>> user
>> is inside our network, no identification is required. Otherwise, he must
>> identified.
>> Here is the file :
>>
>> AuthUserFile path_to_password_file
>> AuthGroupFile /dev/null
>> AuthName ":: INFORMATIONS CONFIDENTIELLES ::"
>> AuthType Basic
>>
>> <limit GET POST>
>> order deny,allow
>> deny from all
>> allow from our_network
>> require valid-user
>> satisfy any
>> </Limit>
>>
>> It works
>>
>> However, a subdirectory must be restricted differently : if the user is
>> outside our network, no access !
>> Here is the second .htaccess
>> Allow from our_network
>> Deny from all
>>
>> This second .htaccess worked 'till I modify the first one to prevent
>> users
>> from identifying if they are in our network.
>>
>> I suppose that as the first .htaccess grants access to the whole website,
>> the second one is not used.....
>> How can I urge Apache to use the second one ?
>
> 1. Remove the lines <Limit GET POST> and </Limit> which are not needed
> and are a possible security risk. (Read the docs on <Limit> for more
> info.)
>
> 2. Put "Satisfy all" in the .htaccess in the subdirectory.
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
___________________________________________________________________________
Découvrez un nouveau moyen de poser toutes vos questions quelque soit le sujet !
Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences.
http://fr.answers.yahoo.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Several .htaccess
Posted by Joshua Slive <jo...@slive.ca>.
On 8/7/06, Marc MENDEZ <cn...@yahoo.fr> wrote:
> Hi,
>
> The root of our extranet site is protected by a .htaccess file. If the user
> is inside our network, no identification is required. Otherwise, he must
> identified.
> Here is the file :
>
> AuthUserFile path_to_password_file
> AuthGroupFile /dev/null
> AuthName ":: INFORMATIONS CONFIDENTIELLES ::"
> AuthType Basic
>
> <limit GET POST>
> order deny,allow
> deny from all
> allow from our_network
> require valid-user
> satisfy any
> </Limit>
>
> It works
>
> However, a subdirectory must be restricted differently : if the user is
> outside our network, no access !
> Here is the second .htaccess
> Allow from our_network
> Deny from all
>
> This second .htaccess worked 'till I modify the first one to prevent users
> from identifying if they are in our network.
>
> I suppose that as the first .htaccess grants access to the whole website,
> the second one is not used.....
> How can I urge Apache to use the second one ?
1. Remove the lines <Limit GET POST> and </Limit> which are not needed
and are a possible security risk. (Read the docs on <Limit> for more
info.)
2. Put "Satisfy all" in the .htaccess in the subdirectory.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org