httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roberto Suarez Soto <>
Subject [users@httpd] Restriction of access using both mod_authz_host and mod_auth_basic
Date Thu, 04 Oct 2007 10:44:31 GMT

	I have a website that I want only a few selected IPs to see. For
this, I use "Allow from" directives in the VirtualHost section of this
website. But besides, I have some people that use dynamic IP addresses (so
I can't use "Allow from") and that must see the website too. So, ideally,
I'd like to use "Allow from" directives to allow access from my "allowed
IPs" list, and if someone from an IP not in the list tries to access, I'd
like him or her to be able to use basic authentication to be allowed.

	I wanted to do it for a customer a few days ago but wasn't able to.
My apache-fu is quite small, but perusing the documentation I reached the
conclusion that I might be trying to mix oranges and apples, and that what
I wanted is not easily feasible, or not possible at all.

	I tried to use the Rewrite engine to do something alike, chaining a
lot of RewriteCond matching %{REMOTE_HOST} for the list of IPs and "ORing"
it with a RewriteCond matching an environment variable that I would set
with RewriteRule somewhere else. It was a complete mess, and didn't work;
but I feel that it might be the path to follow to get it working.

	Any ideas, any hints of how could this be done?

	Thanks in advance.

        Roberto Suarez Soto                             Allenta Consulting                         
                                                           +34 881 922 600

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message