Find the answer to your Linux question:
Results 1 to 7 of 7
I need to password protect some directories: - The root of the webserver (var/www/html) needs to be accessible by everybody from ip range 192.168.1.x - All other ip adressess must ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2005
    Location
    The Netherlands
    Posts
    2

    htaccess question


    I need to password protect some directories:

    - The root of the webserver (var/www/html) needs to be accessible by everybody from ip range 192.168.1.x
    - All other ip adressess must be asked for a login
    - A subdir called 'sales' (var/www/html/sales) needs to be password protected for everybody from anywhere

    Is this possible?

    My .htaccess in the root looks like:

    Code:
    PHP_FLAG output_buffering on
    
    Options -Indexes
    
    ErrorDocument 401 /errors/401.htm
    ErrorDocument 403 /errors/403.htm
    ErrorDocument 404 /errors/404.htm
    
    AuthUserFile /var/www/html/.htpasswd
    AuthGroupFile /dev/null
    AuthName "Login"
    AuthType Basic
    Satisfy any 
    Require valid-user 
    Order Deny,Allow 
    Deny from all 
    Allow from 192.168.1.
    But if i want to password protect the sales dir it won't work.

    Thanks,
    Richard

  2. #2
    Just Joined!
    Join Date
    May 2005
    Posts
    4
    Code:
     AuthType Basic
    AuthName "Password Required"
    AuthUserFile /www/passwords/password.file
    AuthGroupFile /www/passwords/group.file
    Require User

    adding password files like that^ although im not sure if you can do a local network override like that, you made it so that only the 192.168.1.* can access it, but from a diff ip it wont access, it wont even give them a password prompt...

  3. #3
    Just Joined!
    Join Date
    May 2005
    Location
    Bedfordshire
    Posts
    25
    Not sure about the IP range no password and password for everyone else bit but in your sales directory you need to put an additional .htaccess file.

    .htaccess uses a cascade of priorities - it will adopt what ever is in its parent directory unless it has something sayinf otherwise.

  4. #4
    Just Joined!
    Join Date
    Jan 2005
    Location
    UK
    Posts
    77
    you will also need to have different AuthNames for each area, so you might want Authname="Login" for your main one, and AuthName="Sales" for the /sales/.

    I would also recommend putting your AuthUserFile somewhere out of reach of the public. I put mine in a folder under the webserver root, so my root is /var/www/html, and i put my userfiles in /var/www/passwords.

  5. #5
    Just Joined!
    Join Date
    Apr 2005
    Posts
    88
    Greetings,

    You can use the apache module to do so, I did this setup using webmin the GUI Tool and it worked fine.

    Regards

  6. #6
    Just Joined!
    Join Date
    May 2005
    Location
    The Netherlands
    Posts
    2
    Dear KidCloudWala,

    Could you show me what the settings would be?



    Thanks,
    Richard

  7. #7
    Just Joined!
    Join Date
    Apr 2005
    Posts
    88
    Greetings,

    In the Authentication Realm Name you can give any meaningful name.
    Authentication Type make it Basic.
    Restrict Access by Login will be Only These Users and mention the username.
    Client Must Satisfy will be Default.
    Restrict Access Checking Order will be Default.
    In the TextFile mention the path and the name of the file you have created.
    Rest all of the thing will be left default.
    Save the settings and restart the Apache Web Server and check if it works or not.

    Please refer to the following link for more information:
    http://www.apacheweek.com/features/userauth

    Regards

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •