Menu
So I want to restrict access to a url. Now if they are coming from a given IP address then they shouldn't be prompted for a password. If they are not coming from a givin IP address then they should be prompted for a password.
so a either or of:
AuthUserFile /some/path/.htpasswd AuthName "Please Log In" AuthType Basic require valid-user and:
order deny,allow deny from all allow from x.x.x.x 
545
Step 1: Generate the Country's IP AddressesHead to Country IP Blocks homepage. Select the countries you want to block or allow. On the Select Format section, choose Apache . htaccess Deny or Apache .
Go to Hosting → Manage → IP Manager: There, you will be able to find 2 options: add IPs to allow and block access to your website: Just add an IP you wish to create rules for, leave a note (optional) and click on Add.
. htaccess files (or "distributed configuration files") provide a way to make configuration changes on a per-directory basis. A file, containing one or more configuration directives, is placed in a particular document directory, and the directives apply to that directory, and all subdirectories thereof.
Here's how to find the IP address on the Android phone:Go to your phone's settings. Select “About device.” Tap on “Status.” Here you can find information about your device, including the IP address.
You can use the Apache "Satisfy" directive.
Here is an example of using it :
AuthType Basic AuthName "Please Log In" AuthUserFile /some/path/.htpasswd Require valid-user Order deny,allow Deny from all Allow from 127.0.0.1 Satisfy any Access without password is only allowed from 127.0.0.1.
Hope this helps.
134
With Apache 2.4 Satisfy is still available, but deprecated
Note
The directives provided by mod_access_compat have been deprecated by mod_authz_host. Mixing old directives like Order, Allow or Deny with new ones like Require is technically possible but discouraged. This module was created to support configurations containing only old directives to facilitate the 2.4 upgrade. Please check the upgrading guide for more information.
In your case Allow from 1.2.3.4 is replaced by Require ip 1.2.3.4
Combining several Requires (like Require valid-user and Require ip) can be done by Authorization Containers. So saying the client must either provide a password or come from a specific IP address, would be done by surrounding the directives with RequireAny, e.g.
<RequireAny> Require valid-user Require ip 1.2.3.4 </RequireAny> Although, this is a special case as described at the end of Require
When multiple Require directives are used in a single configuration section and are not contained in another authorization directive like
<RequireAll>, they are implicitly contained within a<RequireAny>directive. Thus the first one to authorize a user authorizes the entire request, and subsequent Require directives are ignored.
In other words, RequireAny is optional here, and you can just list
Require valid-user Require ip 1.2.3.4 If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
