Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

.htaccess with password. how to allow circumvent for specific IP

  • 10-03-2006 01:10PM
    #1
    Howitzer
    Registered Users, Registered Users 2 Posts: 461 ✭✭


    Hi there,

    I have put a .htaccess on a folder .
    It now requires a username and password to gain access, which is great. Keeps the riff raff out!

    contents of .htaccess:
    AuthName "Restricted Area"
    AuthType Basic
    AuthUserFile /usr/www/users/host/folderlocation/.htpasswd
    AuthGroupFile /dev/null
    require valid-user

    contents of .htpassword:
    user:encryptedpassword

    all created from: http://www.tools.dynamicdrive.com/password/
    (found on http://www.javascriptkit.com/howto/htaccess3.shtml)

    What I want to know is:
    can I circumvent the need for a password for one specific ip
    i.e people on my network dont have to enter a password to access this folder.
    People in the outside world outside my office have to enter a name and password.

    How would I do this?

    Any advice appreciated


Comments

  • #2
    PhantomBeaker
    Registered Users, Registered Users 2 Posts: 304 ✭✭PhantomBeaker


    Just found a page (in my bookmarks - I had to look into a lot of this a good while ago)

    http://www.cs.cmu.edu/~help/web_publishing/password_protect_pages.html

    Look at the last example.

    From what I can tell, it's basically including an "order deny,allow" and "allow from yournwork.com" and then right at the end "satisfy any"


  • #3
    bpmurray
    Registered Users, Registered Users 2 Posts: 1,275 ✭✭✭bpmurray


    It's been a long time since I played with this stuff, but can't you set up the deny/allow lists? Something like 
    <Limit GET>
    order deny,allow
    deny from all
    allow from 192.168.0.1
</Limit>


  • #4
    Howitzer
    Registered Users, Registered Users 2 Posts: 461 ✭✭Howitzer


    thanks to all.
    Phantom was closest with his example. It's bang on.

    it lead me to: http://httpd.apache.org/docs/1.3/howto/auth.html
    which is from the horse's mouth.

    I have it 98% working now with:

    AuthType Basic
    AuthName "Restricted Area"
    AuthUserFile /usr/www/dir/.htpasswd
    require valid-user
    Order Deny,Allow
    Deny from all
    Allow from 999.999.999.999
    Satisfy any

    This allows users within my network to access without password prompt
    it should prompt those outside to put in a password but is giving a error 500 internal system error for some reason.

    (to test this i changed to 899.999.999.999 to look like an outsider)

    cheers again
    nearly there


  • #5
    bpmurray
    Registered Users, Registered Users 2 Posts: 1,275 ✭✭✭bpmurray


    You can also provide a range, e.g. for all those in your local network, 192.168.0.*, you can say "Allow from 192.168.0"


Advertisement