Solved

Restricting PHP folder access to localhost and a range of IP addresses (192.168.0.*)

Posted on 2010-08-18
4
672 Views
Last Modified: 2013-11-18
Hello,

I am running PHP/Apache on Windows and I need to restrict access on one of the folders under the www folder so that only localhost and the IPs in the range 192.168.0.* can access that folder and files under it.

I tried creating a .htaccess with:

allow localhost
allow 192.168.0.1
allow 192.168.0.2
allow 192.168.0.3
...
allow 192.168.0.255

Here are the questions:
What is the syntax to specify the range of IP rather than each IP
If a user can access the file and then that IP is no longer part of the IP range the browser seems to ignore that and still pull the file from the browser cache, not a too big issue but not very dynamic...
And last, instead of a nice simple error message like "restricted access" I get the cryptic and lengthy error message bellow. How can I change that?

Internal Server Error. The server encountered an internal error or misconfiguration and was unable to complete your request.Please contact the server administrator, admin@domain.com and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.
0
Comment
Question by:deve-lopez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 26

Expert Comment

by:arober11
ID: 33472944
Try:


<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html
0
 
LVL 26

Assisted Solution

by:arober11
arober11 earned 500 total points
ID: 33472969
On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0
 
LVL 26

Accepted Solution

by:
arober11 earned 500 total points
ID: 33473025
All in one:

-----------------
1) On the IP front try:

<Directory /somFolder>
  Order Deny,Allow
  Deny from all
  Allow From 127.0.0.1 192.168.0
</Directory>

See: http://httpd.apache.org/docs/2.0/mod/mod_access.html

-----------------
2) Re the Caching issue, simply add the following to the block above:

# 1 Hour
Header set Cache-control "max-age=3600, must-revalidate"


-----------------
3) On the Error Message front, simply create your own No Access Error page and add the following to your httpd.conf or .htaccess:

ErrorDocument 401 /no_access.html


See: http://httpd.apache.org/docs/2.0/mod/core.html#errordocument
0
 

Author Closing Comment

by:deve-lopez
ID: 33524502
-
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Read about how to choose the best possible content marketing agency to suit your needs. Content marketing has become an integral part of running a successful tech business, so it is wise to be informed.
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
The viewer will learn how to dynamically set the form action using jQuery.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question