Apache Location Directive

Ludwig Diehl
Ludwig Diehl used Ask the Experts™
on
Hello everyone!.

I am trying to configure my apache server so only some locations have authentication. Currently I have this:

<VirtualHost *:443>
    Header set Access-Control-Allow-Origin "*"
    ServerName mydomain
    DocumentRoot /var/www/ws
    <Directory /var/www/ws/>
        AllowOverride All
        Allow from all
        Options all
        Require all granted
    </Directory>
    <Location "/">
        AuthType Basic
        require valid-user
        AuthUserFile /var/www/.htpasswd
        AuthName "Authorization Required"
        satisfy any
        deny from all
        allow from 192.168.10
        allow from 172.16.10
    </Location>
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/apache.crt
    SSLCertificateKeyFile /etc/ssl/certs/apache.key
    SSLCertificateChainFile /etc/ssl/certs/apache.crt
    LogLevel debug
    ErrorLog /var/www/ws/logs/error.log
    TransferLog /var/www/ws/logs/access.log
    php_value include_path .:/usr/share/pear:/var/www/ws
    Alias /ws /var/www/ws
</VirtualHost>

Open in new window


However every locations  needs authentication. I want something like this:

<VirtualHost *:443>
    Header set Access-Control-Allow-Origin "*"
    ServerName mydomain
    DocumentRoot /var/www/ws
    <Directory /var/www/ws/>
        AllowOverride All
        Allow from all
        Options all
        Require all granted
    </Directory>
    <Location "/">
        AuthType Basic
        require valid-user
        AuthUserFile /var/www/.htpasswd
        AuthName "Authorization Required"
        satisfy any
        deny from all
        allow from 192.168.10
        allow from 172.16.10
    </Location>
    <Location "/services/location1/*">
        satisfy any
        Allow From All
    </Location>
    <Location "/services/location2/*">
        satisfy any
        Allow From All
    </Location>
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/apache.crt
    SSLCertificateKeyFile /etc/ssl/certs/apache.key
    SSLCertificateChainFile /etc/ssl/certs/apache.crt
    LogLevel debug
    ErrorLog /var/www/ws/logs/error.log
    TransferLog /var/www/ws/logs/access.log
    php_value include_path .:/usr/share/pear:/var/www/ws
    Alias /ws /var/www/ws
</VirtualHost>

Open in new window



Any ideas?. Is it possible to do this using .htaccess?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Fractional CTO
Distinguished Expert 2018
Commented:
Here's how I manage this using <Directory> stanzas... Where $user + $pass are strings...

I associate a master user with all entries, so anytime I hit a passworded directory, I can use a common master/master-pass for access.

Also, be sure you wrap your site in SSL, else anyone can scrape your user/pass data off the line.

# Keep a record of all user/pass entries
# ADD PASSWORD: htpasswd -c -B -C 10 -b /etc/apache2/apache2.users $user $pass
      <Directory /sites/$site.com/htdocs/private>
         AllowOverride AuthConfig
         AuthType Basic
         AuthName "Authentication Required"
         AuthUserFile /etc/apache2/apache2.users
         Require valid-user master $user
      </Directory>

Open in new window

David FavorFractional CTO
Distinguished Expert 2018

Commented:
Poster seems to have stopped posting.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial