Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

.htaccess with password. how to allow circumvent for specific IP

Options
  • 10-03-2006 1:10pm
    #1
    Howitzer
    Registered Users Posts: 461 ✭✭


    Hi there,

    I have put a .htaccess on a folder .
    It now requires a username and password to gain access, which is great. Keeps the riff raff out!

    contents of .htaccess:
    AuthName "Restricted Area"
    AuthType Basic
    AuthUserFile /usr/www/users/host/folderlocation/.htpasswd
    AuthGroupFile /dev/null
    require valid-user

    contents of .htpassword:
    user:encryptedpassword

    all created from: http://www.tools.dynamicdrive.com/password/
    (found on http://www.javascriptkit.com/howto/htaccess3.shtml)

    What I want to know is:
    can I circumvent the need for a password for one specific ip
    i.e people on my network dont have to enter a password to access this folder.
    People in the outside world outside my office have to enter a name and password.

    How would I do this?

    Any advice appreciated


Comments

  • Options
    #2
    PhantomBeaker
    Registered Users Posts: 304 ✭✭PhantomBeaker


    Just found a page (in my bookmarks - I had to look into a lot of this a good while ago)

    http://www.cs.cmu.edu/~help/web_publishing/password_protect_pages.html

    Look at the last example.

    From what I can tell, it's basically including an "order deny,allow" and "allow from yournwork.com" and then right at the end "satisfy any"


  • Options
    #3
    bpmurray
    Registered Users Posts: 1,275 ✭✭✭bpmurray


    It's been a long time since I played with this stuff, but can't you set up the deny/allow lists? Something like 
    <Limit GET>
    order deny,allow
    deny from all
    allow from 192.168.0.1
</Limit>


  • Options
    #4
    Howitzer
    Registered Users Posts: 461 ✭✭Howitzer


    thanks to all.
    Phantom was closest with his example. It's bang on.

    it lead me to: http://httpd.apache.org/docs/1.3/howto/auth.html
    which is from the horse's mouth.

    I have it 98% working now with:

    AuthType Basic
    AuthName "Restricted Area"
    AuthUserFile /usr/www/dir/.htpasswd
    require valid-user
    Order Deny,Allow
    Deny from all
    Allow from 999.999.999.999
    Satisfy any

    This allows users within my network to access without password prompt
    it should prompt those outside to put in a password but is giving a error 500 internal system error for some reason.

    (to test this i changed to 899.999.999.999 to look like an outsider)

    cheers again
    nearly there


  • Options
    #5
    bpmurray
    Registered Users Posts: 1,275 ✭✭✭bpmurray


    You can also provide a range, e.g. for all those in your local network, 192.168.0.*, you can say "Allow from 192.168.0"


Advertisement