You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Bobby Gontarski <Go...@seznam.cz> on 2006/06/01 00:22:59 UTC

[users@httpd] access control

I need the following:
Allow access from certain IPs to a certain directory and if the user does not come from that IP I need to authenticate him/her using the password file.

I can do one or the other - either certain IPs are allowed and others are not or the access is controled based on password file regardless of IP.

I am sure it must be possible to do it the way I want it.
Can someone help?
Thanks a lot.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] access control

Posted by David Salisbury <sa...@globe.gov>.

yea.. you're going to need a couple more directives, and you may have to go 
to the online docs, or someone else may chime in, but my first stab would be
to add ..

<Directory ".../htdocs/secret">
AuthType Basic
AuthName "Magicenglish Files"
AuthBasicProvider file
AuthUserFile ".../passwd/passwords"
Require user username
Allow from #host list#

Order Deny,Allow
satisfy any

</Directory>

.. I think that'd do it.  I could be wrong.

-ds



----- Original Message ----- 
From: "Bobby Gontarski" <Go...@seznam.cz>
To: <us...@httpd.apache.org>
Sent: Wednesday, May 31, 2006 4:33 PM
Subject: Re: [users@httpd] access control


>> I would guess you need a "satisfy any" directive.. but you're not posting
>> how you have things configured... so no se.
> 
> <Directory ".../Apache2.2/htdocs">
>       Options Indexes FollowSymLinks
>    AllowOverride None
>    Order allow,deny
>    Allow from #host list#
> </Directory>
> 
> This is the following directory directive I want protected if the IP is in allow if not use passwords file
> 
> <Directory ".../htdocs/secret">
>   AuthType Basic
>   AuthName "Magicenglish Files"
>   AuthBasicProvider file
>   AuthUserFile ".../passwd/passwords"
>   Require user username
>   Allow from #host list#
> </Directory>
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] access control

Posted by Bobby Gontarski <Go...@seznam.cz>.

> I would guess you need a "satisfy any" directive.. but you're not posting
> how you have things configured... so no se.

<Directory ".../Apache2.2/htdocs">
       Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from #host list#
</Directory>

This is the following directory directive I want protected if the IP is in allow if not use passwords file

<Directory ".../htdocs/secret">
   AuthType Basic
   AuthName "Magicenglish Files"
   AuthBasicProvider file
   AuthUserFile ".../passwd/passwords"
   Require user username
   Allow from #host list#
</Directory>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] access control

Posted by David Salisbury <sa...@globe.gov>.

I would guess you need a "satisfy any" directive.. but you're not posting
how you have things configured... so no se.

-ds

----- Original Message ----- 
From: "Bobby Gontarski" <Go...@seznam.cz>
To: <us...@httpd.apache.org>
Sent: Wednesday, May 31, 2006 4:22 PM
Subject: [users@httpd] access control


>I need the following:
> Allow access from certain IPs to a certain directory and if the user does not come from that IP I need to authenticate him/her 
> using the password file.
>
> I can do one or the other - either certain IPs are allowed and others are not or the access is controled based on password file 
> regardless of IP.
>
> I am sure it must be possible to do it the way I want it.
> Can someone help?
> Thanks a lot.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
> 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] access control

Posted by "Tom Ray [Lists]" <li...@blazestudios.com>.


Bobby Gontarski wrote:
> I need the following:
> Allow access from certain IPs to a certain directory and if the user does not come from that IP I need to authenticate him/her using the password file.
>
> I can do one or the other - either certain IPs are allowed and others are not or the access is controled based on password file regardless of IP.
>
>   
.htaccess will do all of this for you. Check out this link, I think it 
will give you what you're looking for:

http://www.javascriptkit.com/howto/htaccess.shtml



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org