Apache Location Directive

Hello everyone!.

I am trying to configure my apache server so only some locations have authentication. Currently I have this:

<VirtualHost *:443>
    Header set Access-Control-Allow-Origin "*"
    ServerName mydomain
    DocumentRoot /var/www/ws
    <Directory /var/www/ws/>
        AllowOverride All
        Allow from all
        Options all
        Require all granted
    </Directory>
    <Location "/">
        AuthType Basic
        require valid-user
        AuthUserFile /var/www/.htpasswd
        AuthName "Authorization Required"
        satisfy any
        deny from all
        allow from 192.168.10
        allow from 172.16.10
    </Location>
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/apache.crt
    SSLCertificateKeyFile /etc/ssl/certs/apache.key
    SSLCertificateChainFile /etc/ssl/certs/apache.crt
    LogLevel debug
    ErrorLog /var/www/ws/logs/error.log
    TransferLog /var/www/ws/logs/access.log
    php_value include_path .:/usr/share/pear:/var/www/ws
    Alias /ws /var/www/ws
</VirtualHost>

Open in new window


However every locations  needs authentication. I want something like this:

<VirtualHost *:443>
    Header set Access-Control-Allow-Origin "*"
    ServerName mydomain
    DocumentRoot /var/www/ws
    <Directory /var/www/ws/>
        AllowOverride All
        Allow from all
        Options all
        Require all granted
    </Directory>
    <Location "/">
        AuthType Basic
        require valid-user
        AuthUserFile /var/www/.htpasswd
        AuthName "Authorization Required"
        satisfy any
        deny from all
        allow from 192.168.10
        allow from 172.16.10
    </Location>
    <Location "/services/location1/*">
        satisfy any
        Allow From All
    </Location>
    <Location "/services/location2/*">
        satisfy any
        Allow From All
    </Location>
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/apache.crt
    SSLCertificateKeyFile /etc/ssl/certs/apache.key
    SSLCertificateChainFile /etc/ssl/certs/apache.crt
    LogLevel debug
    ErrorLog /var/www/ws/logs/error.log
    TransferLog /var/www/ws/logs/access.log
    php_value include_path .:/usr/share/pear:/var/www/ws
    Alias /ws /var/www/ws
</VirtualHost>

Open in new window



Any ideas?. Is it possible to do this using .htaccess?
LVL 6
Ludwig DiehlSystems ArchitectAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Here's how I manage this using <Directory> stanzas... Where $user + $pass are strings...

I associate a master user with all entries, so anytime I hit a passworded directory, I can use a common master/master-pass for access.

Also, be sure you wrap your site in SSL, else anyone can scrape your user/pass data off the line.

# Keep a record of all user/pass entries
# ADD PASSWORD: htpasswd -c -B -C 10 -b /etc/apache2/apache2.users $user $pass
      <Directory /sites/$site.com/htdocs/private>
         AllowOverride AuthConfig
         AuthType Basic
         AuthName "Authentication Required"
         AuthUserFile /etc/apache2/apache2.users
         Require valid-user master $user
      </Directory>

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Poster seems to have stopped posting.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.