On Thu, 29 Nov 2012 11:55:17 -0800 Grant <emailgr...@gmail.com> wrote:
> >> >> I use apache2 authentication for web users and I would like > >> >> to > >> require > >> >> logins from certain users to be from a certain IP address. > >> >> I experimented with Allow and Require but couldn't find a way > >> >> to > >> restrict > >> >> only certain users. Can this be done via apache2 > >> >> authentication > >> or > >> >> should I use another method? > >> >> > >> >> - Grant > >> > > >> > > >> > very simple via .htaccess > >> > > >> > <Limit GET POST> > >> > order deny,allow > >> > deny from all > >> > allow from IP_address > >> > </Limit> > >> > > >> > AuthName "restricted stuff" > >> > AuthType Basic > >> > AuthUserFile /etc/apache2/users > >> > require user webmaster > >> > >> I think that will require any usernames specified to come from > >> IP_address. I'm trying to allow certain usernames to come from > >> any IP, and restrict other usernames to a certain IP. Can that be > >> done via .htaccess? > >> > >> - Grant > > > > > > You originally wanted "...logins from certain users to be from a > > certain > IP address" > > Now, you want from "any IP" In this case just restrict users with: > > > > > > AuthName "restricted stuff" > > AuthType Basic > > AuthUserFile /etc/apache2/users > > require user webmaster > > > > Just assign "password and user" from root: > > # htpasswd2 -c /etc/apache2/users your-user-name > > I'm sorry I haven't been clear about this. Sometimes an example is > the best way. > > I want users jack and jill to be able to access the web content from > any IP address, and I want users john and jacob to be able to access > the web content only if they are coming from a certain IP address. I > don't want anyone else to have access. > > - Grant Run two vhosts that deliver the same content from the same DocumentRoot One has jack and jill as users in htpasswd with no acls in place The other has john and jacob as users in a different htpasswd with IP acls in place Trying to specify access rules to a group of users and not to other users all in the same context is a problem that will drive you nuts in a day. Rather side-step it entirely by applying your rules globaly to two different things. -- Alan McKinnon alan.mckin...@gmail.com
