httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Doug Hairfield <doug.hairfi...@mac.com>
Subject Re: [users@httpd] .htaccess allow access to one file, deny the rest.
Date Thu, 25 Oct 2007 15:48:59 GMT
Thanx, that got me much closer.  Unfortunately that page consists of  
multiple files, .css, .png, .cgi so I tried using this expression in  
the <Files> line, but it is not allowing those files to come  
through.  From firefox, it prompts me for the .htaccess password  
credentials for the other files it seems, if I cancel through them,  
about 5 times I eventually get the page with the data I need to pull  
without the images.

<Directory /usr/local/nagios/sbin/>
    Options ExecCGI
    SSLRequireSSL
    order deny,allow
    AuthType Basic
    AuthUserFile /usr/local/nagios/etc/passwd
    AuthName "nagios"
    require valid-user
<Files ~ "\.(css|cgi|png)$">
    Order Allow,Deny
    Allow from "An IP"
</Files>
Satisfy Any
</Directory>

With this from the access_log

An IP Address5 - - [25/Oct/2007:11:42:26 -0400] "GET /nagios/cgi-bin/ 
tac.cgi HTTP/1.1" 200 11705
An IP Address - - [25/Oct/2007:11:42:26 -0400] "GET /nagios/ 
stylesheets/common.css HTTP/1.1" 401 470
An IP Address - - [25/Oct/2007:11:42:28 -0400] "GET /nagios/ 
stylesheets/tac.css HTTP/1.1" 401 470
An IP Address - - [25/Oct/2007:11:42:29 -0400] "GET /nagios/images/ 
thermcrit.png HTTP/1.1" 401 470
An IP Address - - [25/Oct/2007:11:42:29 -0400] "GET /nagios/images/ 
tacdisabled.png HTTP/1.1" 401 470
An IP Address - - [25/Oct/2007:11:42:29 -0400] "GET /nagios/images/ 
tacenabled.png HTTP/1.1" 401 470


--Doug



On Oct 24, 2007, at 3:41 PM, Joshua Slive wrote:

> On 10/24/07, Doug Hairfield <doug.hairfield@mac.com> wrote:
>>
>> Fedora Core 4/apache2.0.59
>>
>> Is it possible to use an htaccess file to deny access to  
>> everything in a
>> directory EXCEPT one particular file and allow access to that file  
>> via IP
>> address?  I have a script that needs to be able to hit
>> http://someurl/nagios/cgi-bin/tac.cgi.  I am using the  
>> following .htaccess
>> file to restrict access to our nagios page to a passwd file but  
>> allow access
>> to the tac.cgi file.  I can't seem to find an example anywhere for  
>> what I am
>> doing.
>
> You need
> Satisfy Any
> See:
> http://wiki.apache.org/httpd/ 
> BypassAuthenticationOrAuthorizationRequirements
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server  
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


Mime
View raw message