Solved

Restricting PHP folder access to localhost and a range of IP addresses (192.168.0.*)

Posted on 2010-08-18
4
668 Views
Last Modified: 2013-11-18
Hello,

I am running PHP/Apache on Windows and I need to restrict access on one of the folders under the www folder so that only localhost and the IPs in the range 192.168.0.* can access that folder and files under it.

I tried creating a .htaccess with:

allow localhost
allow 192.168.0.1
allow 192.168.0.2
allow 192.168.0.3
...
allow 192.168.0.255

Here are the questions:
What is the syntax to specify the range of IP rather than each IP
If a user can access the file and then that IP is no longer part of the IP range the browser seems to ignore that and still pull the file from the browser cache, not a too big issue but not very dynamic...
And last, instead of a nice simple error message like "restricted access" I get the cryptic and lengthy error message bellow. How can I change that?

Internal Server Error. The server encountered an internal error or misconfiguration and was unable to complete your request.Please contact the server administrator, admin@domain.com and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.
0
Comment
Question by:deve-lopez
  • 3
4 Comments
 
LVL 26

Expert Comment

by:arober11
ID: 33472944
Try:


<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html
0
 
LVL 26

Assisted Solution

by:arober11
arober11 earned 500 total points
ID: 33472969
On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0
 
LVL 26

Accepted Solution

by:
arober11 earned 500 total points
ID: 33473025
All in one:

-----------------
1) On the IP front try:

<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html

-----------------
2) Re the Caching issue, simply add the following to the block above:

# 1 Hour
Header set Cache-control "max-age=3600, must-revalidate"


-----------------
3) On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0
 

Author Closing Comment

by:deve-lopez
ID: 33524502
-
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every business owner understands the significance of online customer reviews and the impact it can have on sales and revenues. With technology advancing at such a rapid pace, getting online reviews has never been easier, especially when many regions…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question