• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 186
  • Last Modified:

Set up Apache 2.0.x to allow access by incoming IP AND/OR password (htaccess)

Hi all,

I have a site on our Intranet that is currently wide open.  We need to add password controls to it so we can allow some people to see certain sub-directories of the site, but not everything.  The catch is, we'd like to bypass the password security if the incoming connection is from a particular IP range.

So what I'm wondering is if Apache 2.0.x allows this sort of "combo authorization" model.  Ideally, it should check the incoming IP address first.  If it is "allowed" then the user can connect without a password.  If it isn't in the allowed IP range, it performs a password check.

Any thoughts?  Does Apache 2.2.x support this?


1 Solution
You can do this with Apache 2.0.  See the "Satisfy" directive.



Require valid-user
Allow from 192.168.1
Satisfy Any

masterbakerAuthor Commented:
Wow, so simple yet so effective. :)  I had to add a "deny all" as well, but that satisfy command was exactly what I needed.  Thank you so much!!!


Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now