[Tfug] Brain fart... htaccess restrict by IP and Password
Robert Zeigler
rdzeigle at u.arizona.edu
Fri Jul 2 12:16:37 MST 2004
Sam Hart wrote:
> Okay, I'm having a bad day and can't think straight...
>
> I know it can be done, I've even done it before, but for the life of me I
> can't remember how..
>
> I need to restrict a web directory by IP address range and password
> protect it otherwise.
>
> I.e., If you are in IP range, you automatically get in. If you are not in
> IP range, then you must enter a password to get in.
>
> I know this can be done with .htaccess, and I can do either/or, but I
> can't remember how to combine the two.
>
Check out the following, particularly the very end of the document,
under "Satisfy"
http://httpd.apache.org/docs/howto/auth.html
This is the example given in the above document, which seems to be
exactly what you're looking for. It allows everyone from "internal.com"
to access the files, and otherwise requires a password.
<Directory /usr/local/apache/htdocs/sekrit>
AuthType Basic
AuthName intranet
AuthUserFile /www/passwd/users
AuthGroupFile /www/passwd/groups
Require group customers
Order allow,deny
Allow from internal.com
Satisfy any
</Directory>
Robert
More information about the tfug
mailing list