Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: .htaccess question #4096 |
|
| Author |
|
Brian
Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA
|
 Posted: Wed 26 Oct '05 20:34 Post subject: .htaccess question #4096 |
 |
|
I have a question, if I want to restrict the access to a directory, for example, but allow "localhost" to not be required to enter the user / pass for authentication, thus a link from another script I host, what would the format be like?
My .htaccess file: | Code: | AuthName "Password Required for this directory:"
AuthUserFile x:/xxxxxxxxxx/xxxxx/xxxxx/passwords
AuthType Basic
Require user Brian |
I am sure it is pretty easy and that I likely should have thought of it, or at least found it in the docs, but so far the solution has eluded me.
I thought of one solution, but it is not really addressing the question as I want to, and that is to use mod_rewrite to redirect all traffic that is not local, or from a specific IP or script. But that does not then lend itself to allowing authenticated access.
Help please  |
|
| Back to top |
|
Steffen
Moderator
Joined: 15 Oct 2005
Posts: 3053
Location: Hilversum, NL, EU
|
| Posted: Wed 26 Oct '05 21:16 Post subject: |
|
|
You can try in your .htaccess file:
AuthName "Password Required for this directory:"
AuthUserFile x:/xxxxxxxxxx/xxxxx/xxxxx/passwords
AuthType Basic
Require user Brian
Order Allow,Deny
Allow from 127.0.0.1 localhost
Satisfy Any
Steffen |
|
| Back to top |
|
Brian
Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA
|
| Posted: Wed 26 Oct '05 21:32 Post subject: |
|
|
That solved the problem.
That is taking .htaccess a bit further than I had before. For example, I had not ever initiated the satisfy any option, nor had I thought to use order allow,deny after specifying who could be allowed to view the files / content.
But I learned much today, this is very helpful indeed. Thank you.
--
Brian |
|
| Back to top |
|
Brian
Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA
|
| Posted: Wed 26 Oct '05 22:14 Post subject: |
|
|
Steffen,
If I have the the following config:
x:/dir/www
x:/dir/www/domain1
x:/dir/www/domain2
Is it possible to require user/pass authentication when accessing x:/dir/www via a direct IP connect from my browser, and yet not require user / pass authentication when using URL's to get to x:/dir/www/domain1 & domain2?
I am looking at the docs, and I don't dont' see how it is clearly laid out to do that, .htacess that is. I see many tutorials on how to simply allow and/or deny access, even based on referrer, args passed, and so on, but not on how to require a connection via the IP to the root x:/dir/www to authenticate and yet web traffic via a URL to simply pass through if they access x:/dir/www/domain1 via a web link.
I know that I have asked many questions, but for me .htaccess is tricky. Many things I understand, it is the shere logic of .htacess that is not sinking in ... ha ha ha!!!
Thanks again for the replies, they have been a BIG help. |
|
| Back to top |
|
Steffen
Moderator
Joined: 15 Oct 2005
Posts: 3053
Location: Hilversum, NL, EU
|
| Posted: Wed 26 Oct '05 22:44 Post subject: |
|
|
I hope I understand what you want.
I think when you place a .htaccess in eg. x:/dir/www/domain1 , you can control the access to domain1.
Better to make it not too complex
Steffen |
|
| Back to top |
|
Brian
Joined: 21 Oct 2005
Posts: 209
Location: Puyallup, WA USA
|
| Posted: Thu 27 Oct '05 18:49 Post subject: |
|
|
Steffen,
I started thinking about the question, the best solution would be to not place any files in the ROOT directory, and instead create another sub-directory in the ROOT for the IP specific / adminstrative content.
It was an easy enough thing, but instead of simply thinking things through, I asked the question. If it helps someone else though, then perhaps it is not a complete waste if 1's and 0's (and bandwidth).
--
Brian |
|
| Back to top |
|
|
|
|
|
|
