IP authenticated access

Forum Moderators: phranque

Message Too Old, No Replies

IP authenticated access

Trevor4370

6:21 am on Jan 8, 2004 (gmt 0)

I would like to allow access to a directory via a password and username. This is no problem as I can use .htaccess, and have been doing this, but now I would like to allow certian IP addresses access without having them to logon. Any other IP address outside these selected for auto access will have to use their username and password.

I can ban IP addresses, and allow certian addresses using .htaccess, but they still have to use their username and password. Any suggestions, or does anyone know of a script that can do this, cgi or php?

many thanks

Trevor4370

bakedjake

9:22 pm on Jan 9, 2004 (gmt 0)

Just an idea: use a rewrite rule, where any authenticated IP address is redirected to the URL, with the username and password embedded in the proper format.

Let's see if I can get this right:


RewriteEngine on
RewriteCond %{HTTP_HOST} ^10.10.10.100(:80)?$
RewriteRule ^/(.*) ht[2][/2]tp://username:password@www.mydomain.com/$1 [L,R]

I don't think there's a clever way to do it with just mod_auth stuff... let me check though.

bakedjake

9:34 pm on Jan 9, 2004 (gmt 0)

You learn something new everyday! Let's try this with the Satisfy directive (if this works, forget the rewrite rule above, although that should work too):

AuthType Basic
AuthName "Top Secret"
AuthUserFile .htpasswd
require valid-user
order deny,allow
deny from all
allow from 10.10.10.100
satisfy any

Try that out. I've never used it before, so YMMV, but that's what the directive is there for. I'm pretty sure the syntax is correct.

Trevor4370

5:02 am on Feb 4, 2004 (gmt 0)

Thank you ..... this works fine. The only problem I found was I needed to add a range if IP addresses, such as 128.184.*.*. But this does not seem to work. Is there anyway of putting in a range of IP address such as this?

Trevor4370

5:21 am on Feb 4, 2004 (gmt 0)

I think I may have found the answer to my own question :-) I need to use 000.000. instead of 000.000.*.*?

bakedjake

5:21 pm on Feb 5, 2004 (gmt 0)

I need to use 000.000.

Correct. Glad it works for you!