I have set up a site that is currently work in progress. I'm using an external SMS gateway that needs access to a script on my server. However, I have set up a basic username and password authentication for regular users, but the SMS gateway can't get through that.
How can I allow a single IP to pass through the authentication without authenticating itself, and deny all other users that aren't authenticated?
Here's my .htaccess
file:
Order allow,deny Allow from all AuthType Basic AuthUserFile /www/.site_htpasswd AuthName "Protected Area" require user admin
By restricting login access of a user by IP address, the user is unable to log in outside of the IP address ranges that you define. You can also specify global IP address ranges, which apply to all users. IP restrictions are checked on every page load.
Just found out, with help from JoseK:
Order deny,allow Deny from all AuthType Basic AuthUserFile /www/.site_htpasswd AuthName "Protected Area" require valid-user Allow from 1.2.3.4 Satisfy Any
UPDATE: As of Apache 2.4, Order
, Allow
, Deny
, and Satisfy
directives should not be used anymore. So the new syntax is:
AuthType Basic AuthUserFile /www/.site_htpasswd AuthName "Protected Area" <RequireAny> Require ip 1.2.3.4 Require valid-user </RequireAny>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With