HomeApacheLimit access to web site with a combination of IP address and basic authentication

Limit access to web site with a combination of IP address and basic authentication

Software Effect Enterprises, Inc Posted on by

I have a web site that I need to limit access with a combination if username/password AND ip address running on Apache 2.4

I completed this by putting the following in a configuration file

<VirtualHost mystuff.domain.com:80>
<Directory  /opt/mystuff>
    Options None
    <RequireAll>
        <RequireAll>
            AuthType Basic
            AuthName "My Site"
            Require valid-user
            AuthUserFile  /opt/.htaccess
        </RequireAll>
        <RequireAny>
           Require ip 10.10.10.0/24
           Require ip  10.20.10.0/24
       </RequireAny>
       </RequireAll
</Directory>
(additional directives, i.e. DocumentRoot, ServerName, ErrorLog, etc)
</VirtualHost>

You must have an ip address in the 10.10.10.0 network or the 10.20.10.0 network AND you must put in your username and password to access the web site

Tested on httpd 2.4 on Centos 7

 

Comments are closed.