logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Access to site via IP or alternativly via authentication
Author
20160413



Joined: 13 Apr 2016
Posts: 28

PostPosted: Tue 14 Aug '18 12:04    Post subject: Access to site via IP or alternativly via authentication Reply with quote

Basically I would like everyone be allowed to access the site coming from a certain IP-address or alternatively everyone who can get passed the authentication. So far so good. The following configuration works:

Code:

        <Directory /var/www/html/mydirectory/>
                Options FollowSymLinks MultiViews
                Satisfy any
                Order deny,allow
                Deny from all
                Allow from 178.65.204.105

                AuthType Basic
                AuthName "Access to MyDirectory"
                AuthUserFile /var/directory/.htpasswd
                Require valid-user
        </Directory>


The issue is that it spams the error log with e.g. "AH01797: client denied by server configuration: /var/www/html/mydirectory/index.php" for everyone who is coming via the authentication. Is there a way to avoid this or even a better way to configure for the desired result.

Any help greatly appreciated.

Cheers
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Tue 14 Aug '18 17:01    Post subject: Reply with quote

Do you have mod_access_compat enabled? Otherwise Order Deny Allow will no longer work. And the AH01797 seems to be more a Apache 2.4 error message.

Code:

<Directory /var/www/html/mydirectory/>
    AuthType Basic
    AuthName "Access to MyDirectory"
    AuthUserFile "/var/directory/.htpasswd"
    <RequireAny>
        Require valid-user
        Require ip 178.65.204.105
    </RequireAny>
</Directory>


See http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#requireany
and http://httpd.apache.org/docs/2.4/mod_authz_core.html#logic
Back to top
20160413



Joined: 13 Apr 2016
Posts: 28

PostPosted: Wed 15 Aug '18 21:57    Post subject: Reply with quote

Indeed mod_access_compat is enabled. Probably the default behaviour for Apache 2.4 on Debian 8 to provide a backwards compatible shim for deprecated configurations and allow for migrating to the new syntax.

Thanks a ton for providing an example on how to do it in Apache 2.4! This is much easier to grasp and it works. I will have a look soon to see if the error messages will go away now.

Thanks also for pointing me to the docu I was apparently unaware of. There is a small mistake in the second link you provided. I should be https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#logic

You rock. Thanks!
Back to top


Reply to topic   Topic: Access to site via IP or alternativly via authentication View previous topic :: View next topic
Post new topic   Forum Index -> Apache