Re: .htaccess , how to bypass authentication for specific IPs ?
On Mon, 13 Aug 2012 10:40:51 +0530, J. B wrote: I have the following in my .htaccess to force the authentication [] AuthName htaccess password prompt AuthUserFile /home/askapache.com/.htpasswd AuthType Basic Require valid-user [...] Now I like some IPs to bypass the authentication. Hence I have modified the rule as [...] Order deny,allow Deny from all AuthName htaccess password prompt AuthUserFile /home/askapache.com/.htpasswd AuthType Basic Require valid-user Allow from 172.17.10.1 Satisfy Any [] But it just allow all IPs to bypass the authentication. IS there any wrong code in the rule set ? The apache version is - [ Server version: Apache/2.2.16 (Debian) ] By all IPs you mean all of the IPs coming from your local network range or also from remote? At a first glance I see nothing wrong from the above Allow from directive (and you have more configuration samples here): http://wiki.apache.org/httpd/BypassAuthenticationOrAuthorizationRequirements Did you reload the apache2 service after the change? Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/k0b69q$9nn$9...@dough.gmane.org
Re: .htaccess , how to bypass authentication for specific IPs ?
On 13/08/12 16:25, Camaleón wrote: On Mon, 13 Aug 2012 10:40:51 +0530, J. B wrote: I have the following in my .htaccess to force the authentication [] AuthName htaccess password prompt AuthUserFile /home/askapache.com/.htpasswd AuthType Basic Require valid-user [...] Now I like some IPs to bypass the authentication. Hence I have modified the rule as [...] Order deny,allow Deny from all AuthName htaccess password prompt AuthUserFile /home/askapache.com/.htpasswd AuthType Basic Require valid-user Allow from 172.17.10.1 Satisfy Any [] But it just allow all IPs to bypass the authentication. IS there any wrong code in the rule set ? The apache version is - [ Server version: Apache/2.2.16 (Debian) ] You need Order allow,deny. See http://httpd.apache.org/docs/2.0/mod/mod_access.html#order for details. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/50291d96.3030...@deathbycomputers.co.uk
Re: .htaccess , how to bypass authentication for specific IPs ?
On Mon, 13 Aug 2012 16:30:30 +0100, Tom Grace wrote: (careful when quoting...) On 13/08/12 16:25, Camaleón wrote: On Mon, 13 Aug 2012 10:40:51 +0530, J. B wrote: (...) Now I like some IPs to bypass the authentication. Hence I have modified the rule as [...] Order deny,allow Deny from all AuthName htaccess password prompt AuthUserFile /home/askapache.com/.htpasswd AuthType Basic Require valid-user Allow from 172.17.10.1 Satisfy Any [] But it just allow all IPs to bypass the authentication. IS there any wrong code in the rule set ? The apache version is - [ Server version: Apache/2.2.16 (Debian) ] You need Order allow,deny. See http://httpd.apache.org/docs/2.0/mod/mod_access.html#order for details. The order is consistent with the samples given in the link I sent before but how is that altering the Allow from stanza? Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/k0b82b$9nn$1...@dough.gmane.org
Re: .htaccess , how to bypass authentication for specific IPs ?
On 13/08/12 16:55, Camaleón wrote: You need Order allow,deny. See http://httpd.apache.org/docs/2.0/mod/mod_access.html#order for details. The order is consistent with the samples given in the link I sent before but how is that altering the Allow from stanza? The .htaccess J.B. provided has Order deny,allow, they need to be the other way around. Sorry if I'd be quoting a little oddly, I joined in with this thread a bit late on Tom -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5029343c.1010...@deathbycomputers.co.uk
.htaccess , how to bypass authentication for specific IPs ?
Dear list, I have the following in my .htaccess to force the authentication [] AuthName htaccess password prompt AuthUserFile /home/askapache.com/.htpasswd AuthType Basic Require valid-user [...] Now I like some IPs to bypass the authentication. Hence I have modified the rule as [...] Order deny,allow Deny from all AuthName htaccess password prompt AuthUserFile /home/askapache.com/.htpasswd AuthType Basic Require valid-user Allow from 172.17.10.1 Satisfy Any [] But it just allow all IPs to bypass the authentication. IS there any wrong code in the rule set ? The apache version is - [ Server version: Apache/2.2.16 (Debian) ] Thanks -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120813104051.71e61...@shiva.selfip.org