Solved

Restricting PHP folder access to localhost and a range of IP addresses (192.168.0.*)

Posted on 2010-08-18
4
666 Views
Last Modified: 2013-11-18
Hello,

I am running PHP/Apache on Windows and I need to restrict access on one of the folders under the www folder so that only localhost and the IPs in the range 192.168.0.* can access that folder and files under it.

I tried creating a .htaccess with:

allow localhost
allow 192.168.0.1
allow 192.168.0.2
allow 192.168.0.3
...
allow 192.168.0.255

Here are the questions:
What is the syntax to specify the range of IP rather than each IP
If a user can access the file and then that IP is no longer part of the IP range the browser seems to ignore that and still pull the file from the browser cache, not a too big issue but not very dynamic...
And last, instead of a nice simple error message like "restricted access" I get the cryptic and lengthy error message bellow. How can I change that?

Internal Server Error. The server encountered an internal error or misconfiguration and was unable to complete your request.Please contact the server administrator, admin@domain.com and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.
0
Comment
Question by:deve-lopez
  • 3
4 Comments
 
LVL 26

Expert Comment

by:arober11
ID: 33472944
Try:


<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html
0
 
LVL 26

Assisted Solution

by:arober11
arober11 earned 500 total points
ID: 33472969
On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0
 
LVL 26

Accepted Solution

by:
arober11 earned 500 total points
ID: 33473025
All in one:

-----------------
1) On the IP front try:

<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html

-----------------
2) Re the Caching issue, simply add the following to the block above:

# 1 Hour
Header set Cache-control "max-age=3600, must-revalidate"


-----------------
3) On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0
 

Author Closing Comment

by:deve-lopez
ID: 33524502
-
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This article discusses how to create an extensible mechanism for linked drop downs.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now