Is it possible to make a rule in .htaccess with the following conditions:
If the origin IP comes from internal network, pass to home page.
else
if the origin IP is not internal network then direct to login page.
Im unsure of the search term so any help would be great.
lucy24
8:04 pm on Feb 3, 2014 (gmt 0)
Are you asking about your own internal network, such as an institutional site? Not any old internal network generically, right?
If the network has its own IP address that isn't used by anyone else, all you need is a {REMOTE_ADDR} condition. There are other approaches, but that's the simplest.
chrisguk
8:21 pm on Feb 3, 2014 (gmt 0)
Yes you are correct. I have an intranet that users can view a "intranet" website. So what I am attempting to do is state if the request comes from anything other than the 10.0.0.0/8 network then use the .htpasswd file to request authentication or a login page whatever is easier.
phranque
8:38 pm on Feb 3, 2014 (gmt 0)
if the origin IP is not internal network then direct to login page.
it depends on what you mean by a "login page". if HTTP Basic authentication is sufficient, you could do something like this:
<RequireAny> Require ip 10 Require valid-user </RequireAny>
and also your AuthType and other required authentication directives.
if you need a login web page then you could use mod_rewrite to redirect the visitor to the login page.
lucy24
11:55 pm on Feb 3, 2014 (gmt 0)
<RequireAny>
:: detour to Apache docs ::
Oh, I see. In 2.2 "Require" is only a directive. In 2.4 it's also an envelope, with "RequireAll" and "RequireAny" options. And it's all shifted from core to a named mod. At this point it's probably safe to assume 2.2 though.
