Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

.htaccess

  • 21-10-2005 8:01pm
    #1
    Registered Users, Registered Users 2 Posts: 2,032 ✭✭✭


    I'm trying to setup a .htaccess file for a directory on one of our servers that will prompt the user for a login box if they're not from a certain IP Address.

    I can do the login box no problem using .htpasswd but is it possible to use some kind of if statement for the user to be prompted?

    Any info greatly appreciated.


Comments

  • Registered Users, Registered Users 2 Posts: 461 ✭✭Howitzer


    did you get an answer on this?

    I'm about to post:
    Hi there,

    I have put a .htaccess on a folder .
    It now requires a username and password to gain access, which is great. Keeps the riff raff out!

    contents of .htaccess:
    AuthName "Restricted Area"
    AuthType Basic
    AuthUserFile /usr/www/users/host/folderlocation/.htpasswd
    AuthGroupFile /dev/null
    require valid-user

    contents of .htpassword:
    user:encryptedpassword

    all created from: http://www.tools.dynamicdrive.com/password/
    (found on http://www.javascriptkit.com/howto/htaccess3.shtml)

    What I want to know is:
    can I circumvent the need for a password for one specific ip
    i.e people on my network dont have to enter a password to access this folder.
    People in the outside world outside my office have to enter a name and password.

    How would I do this?

    Any advice appreciated


  • Registered Users, Registered Users 2 Posts: 55,571 ✭✭✭✭Mr E


    Yep, I think this is possible using allow/deny. This helptext is copied from webshell helpfile on hosting365:
    Sometimes you might want to restrict access to all or part of your site. Maybe you have one area devoted to administration or maybe the site is only intended for a certain group of people. Or maybe you're trying to block a specific group of people.

    You can allow or deny access based on domain/IP. To deny anyone from a certain domain, use:

    deny from .aol.com

    You could also use an IP or range of IPs:

    deny from 24.64.

    This would deny anyone whose IP started with 24.64.

    Often, you'll want to deny everyone and then allow certain people.

    order deny,allow
    deny from all
    allow from 24.64.103.25
    allow from .islandnet.com

    The first line indicates in which order the directives should be processed. You'll most likely want to use domain names rather than IPs unless you're in a situation where the IPs are static.

    You can also use a sectioning directive called Limit to specify which connection methods this applies to.

    <Limit GET POST>
    order deny,allow
    deny from all
    allow from 24.64.103.25
    allow from .islandnet.com
    </Limit>

    Here, the limits only apply to pages and scripts called through GET and POST. Normally, a browser will issue a GET in the header. These are listed twice because they are case-sensitive and some browsers do it one way, some another. You could, if you liked, simply restrict POST so that all users could view pages but only certain ones could use forms.


  • Closed Accounts Posts: 519 ✭✭✭smeggle


    Just an addition to Howitzer's post - the javascript.com .htaccess tutorials start at this link http://www.javascriptkit.com/howto/htaccess.shtml

    Check the list out at the bottom

    I particularly found this one helped sort out a lot of heavy bandwidth issues

    http://www.javascriptkit.com/howto/htaccess13.shtml - I installed it not long ago and dropped about a third of my bandwidth usage..

    Found it to be a very good resource

    :)


Advertisement