сряда, май 28, 2014

Apache - Restrict WebSite areas with exceptions

Requirements: Web site http://home.lan should have listed access permissions
1. Outside users must have valid user/pass to access specific areas, meanwhile LAN users has free access to that area
2. Free accessible area for outside and LAN users
3. Obligatory restricted area - must have valid user/pass combination


Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0 Server at example.org Port 80
LAN 192.168.10.0/24
AAA - static (htpasswd)

K0b3 recommends to use Satisfy apache directive  

 ### whitespaces between < > and first/last character should be avoided
### I put them due to blogger's compose interface limitations

 < DocumentRoot "/var/www/wp" >

 ### whitout password from LAN any other with valid user/pass
< Directory / >
   AuthUserFile /var/www/http.passwd
  AuthType Basic
  AuthName WorkPlace
  Require valid-user
  Order allow,deny
  Allow from 192.168.10.0/24
  Satisfy any
< /Directory >
 
### free for all without password
< Directory /var/www/wp/help_files >
   Order allow,deny
  Allow from all
  Satisfy any
< /Directory >

  ### Passwd authentication for all!
< Directory /var/www/wp/admin >
   AuthUserFile /var/www/http-admin.passwd
  AuthType Basic
  AuthName WorkPlace_Admin_Area
  Require valid-user
### Can be avoided for simplicity
 Order allow,deny
### Can be avoided for simplicity 
 Allow from 192.168.10.0/24
### Can be avoided for simplicity  
Satisfy all

< /Directory >

Allow <-> Deny are obeying the following rules (according Apache's site)

Match Allow,Deny result Deny,Allow result
Match Allow only Request allowed Request allowed
Match Deny only Request denied Request denied
No match Default to second directive: Denied Default to second directive: Allowed
Match both Allow & Deny Final match controls: Denied Final match controls: Allowed

Публикувано от в Няма коментари:
Етикети:

сряда, май 14, 2014

Но стига ми тази награда, да каже нявга народа...

Те за т'фа работим:

[16:10:24] Marko Jovovic: ok, i satisfied with our it department from BG :)
[16:11:03] Eol: We are here to serve u Sir! :)
[16:11:22] Marko Jovovic: you are great!
[[16:18:15] Eol: If we done with this case I'll go back to my porntube watching :D
[16:19:51] Marko Jovovic: ahahhahahahaa
[16:20:44] Marko Jovovic: (rofl)
[16:20:50] Marko Jovovic: case closed
Публикувано от в Няма коментари:
Абонамент за: Публикации (Atom)