logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



.htaccess question #4096

 
Post new topic   Reply to topic    Apache Forum Index -> Apache



View previous topic :: View next topic  
Author Message
Brian



Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA

PostPosted: Wed 26 Oct '05 20:34    Post subject: .htaccess question #4096 Reply with quote

I have a question, if I want to restrict the access to a directory, for example, but allow "localhost" to not be required to enter the user / pass for authentication, thus a link from another script I host, what would the format be like?

My .htaccess file:
Code:
AuthName "Password Required for this directory:"
AuthUserFile x:/xxxxxxxxxx/xxxxx/xxxxx/passwords
AuthType Basic
Require user Brian


I am sure it is pretty easy and that I likely should have thought of it, or at least found it in the docs, but so far the solution has eluded me.

I thought of one solution, but it is not really addressing the question as I want to, and that is to use mod_rewrite to redirect all traffic that is not local, or from a specific IP or script. But that does not then lend itself to allowing authenticated access.

Help please Smile
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2581
Location: Hilversum, NL, EU

PostPosted: Wed 26 Oct '05 21:16    Post subject: Reply with quote

You can try in your .htaccess file:

AuthName "Password Required for this directory:"
AuthUserFile x:/xxxxxxxxxx/xxxxx/xxxxx/passwords
AuthType Basic
Require user Brian
Order Allow,Deny
Allow from 127.0.0.1 localhost
Satisfy Any


Steffen
Back to top
Brian



Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA

PostPosted: Wed 26 Oct '05 21:32    Post subject: Reply with quote

That solved the problem.

That is taking .htaccess a bit further than I had before. For example, I had not ever initiated the satisfy any option, nor had I thought to use order allow,deny after specifying who could be allowed to view the files / content.

But I learned much today, this is very helpful indeed. Thank you.

--
Brian
Back to top
Brian



Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA

PostPosted: Wed 26 Oct '05 22:14    Post subject: Reply with quote

Steffen,

If I have the the following config:

x:/dir/www
x:/dir/www/domain1
x:/dir/www/domain2


Is it possible to require user/pass authentication when accessing x:/dir/www via a direct IP connect from my browser, and yet not require user / pass authentication when using URL's to get to x:/dir/www/domain1 & domain2?

I am looking at the docs, and I don't dont' see how it is clearly laid out to do that, .htacess that is. I see many tutorials on how to simply allow and/or deny access, even based on referrer, args passed, and so on, but not on how to require a connection via the IP to the root x:/dir/www to authenticate and yet web traffic via a URL to simply pass through if they access x:/dir/www/domain1 via a web link.

I know that I have asked many questions, but for me .htaccess is tricky. Many things I understand, it is the shere logic of .htacess that is not sinking in ... ha ha ha!!!

Thanks again for the replies, they have been a BIG help.
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2581
Location: Hilversum, NL, EU

PostPosted: Wed 26 Oct '05 22:44    Post subject: Reply with quote

I hope I understand what you want.

I think when you place a .htaccess in eg. x:/dir/www/domain1 , you can control the access to domain1.

Better to make it not too complex Smile


Steffen
Back to top
Brian



Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA

PostPosted: Thu 27 Oct '05 18:49    Post subject: Reply with quote

Steffen,

I started thinking about the question, the best solution would be to not place any files in the ROOT directory, and instead create another sub-directory in the ROOT for the IP specific / adminstrative content.

It was an easy enough thing, but instead of simply thinking things through, I asked the question. If it helps someone else though, then perhaps it is not a complete waste if 1's and 0's (and bandwidth).

--
Brian
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache
Page 1 of 1