Restricting PHP folder access to localhost and a range of IP addresses (192.168.0.*)

Hello,

I am running PHP/Apache on Windows and I need to restrict access on one of the folders under the www folder so that only localhost and the IPs in the range 192.168.0.* can access that folder and files under it.

I tried creating a .htaccess with:

allow localhost
allow 192.168.0.1
allow 192.168.0.2
allow 192.168.0.3
...
allow 192.168.0.255

Here are the questions:
What is the syntax to specify the range of IP rather than each IP
If a user can access the file and then that IP is no longer part of the IP range the browser seems to ignore that and still pull the file from the browser cache, not a too big issue but not very dynamic...
And last, instead of a nice simple error message like "restricted access" I get the cryptic and lengthy error message bellow. How can I change that?

Internal Server Error. The server encountered an internal error or misconfiguration and was unable to complete your request.Please contact the server administrator, admin@domain.com and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.
deve-lopezAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arober11Commented:
Try:


<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html
0
arober11Commented:
On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0
arober11Commented:
All in one:

-----------------
1) On the IP front try:

<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html

-----------------
2) Re the Caching issue, simply add the following to the block above:

# 1 Hour
Header set Cache-control "max-age=3600, must-revalidate"


-----------------
3) On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
deve-lopezAuthor Commented:
-
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
E-Commerce

From novice to tech pro — start learning today.