I have a directory defined inside a virtual host I want to only be accessible
from inside our networks. What is happening is that the rules don't seem to be
working as I expect browser that do not match the criteria are getting access.
One complexity is that the parent path is secured by our SSO solution using AM
Agent. The browser is prompting for the SSO credentials. Here is my directory
definition:
<Directory "/nuinfo/httpd/htdocs/it-virtual-v2/admin-systems/secure">
Require all denied
<RequireAny>
Require host northwestern.edu
Require host wireless.northwestern.private
Require ip 129.105.0.0/16
Require ip 165.124.0.0/16
Require ip 165.20.108.150
Require ip 165.20.104.30
Require ip 38.124.31.0/24
Require ip 10.101.0.0/16
Require ip 10.102.0.0/15
Require ip 10.105.0.0/16
</RequireAny>
</Directory>
Darryl Baker
Sr. System Administrator
Northwestern | Information Technology
www.it.northwestern.edu
