• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 188
  • Last Modified:

Set up Apache 2.0.x to allow access by incoming IP AND/OR password (htaccess)

Hi all,

I have a site on our Intranet that is currently wide open.  We need to add password controls to it so we can allow some people to see certain sub-directories of the site, but not everything.  The catch is, we'd like to bypass the password security if the incoming connection is from a particular IP range.

So what I'm wondering is if Apache 2.0.x allows this sort of "combo authorization" model.  Ideally, it should check the incoming IP address first.  If it is "allowed" then the user can connect without a password.  If it isn't in the allowed IP range, it performs a password check.

Any thoughts?  Does Apache 2.2.x support this?

Thanks!

Jeff
0
masterbaker
Asked:
masterbaker
1 Solution
 
sleep_furiouslyCommented:
You can do this with Apache 2.0.  See the "Satisfy" directive.

http://httpd.apache.org/docs/2.0/mod/core.html#satisfy

Example:

Require valid-user
Allow from 192.168.1
Satisfy Any

0
 
masterbakerAuthor Commented:
Wow, so simple yet so effective. :)  I had to add a "deny all" as well, but that satisfy command was exactly what I needed.  Thank you so much!!!

Jeff
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now