htaccess protective directory

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • epots9
    Recognized Expert Top Contributor
    • May 2007
    • 1352
    #1

    htaccess protective directory

    I already have the directory protected with a password but is there any way to put a condition that if the user click a link from the localhost that it would by-pass the password check?

    This directory contain presentation files and specfic customers get access to them when we provide them with the htaccess username/password but there is also a employee portal which needs access to these same files but I don't want them to login twice. Since the request is coming from the employee portal (same domain/server/ip) I would like it to not as them for a htaccess password but if someone were to type the whole path in their address bar then ask them for a username/password.

    can this be done?
    Tags: None
    • Luuk
      Recognized Expert Top Contributor
      • Mar 2012
      • 1043
      #2
      Code:
      AuthType Basic
AuthUserFile /putthissomewhere/.htpasswd
AuthName "Something"
require valid-user
satisfy any
deny from all
allow from 127.0.0.1
      Change the ip-address, or add more 'allow from ' lines to give passwordless access to more ip-adresses

        Comment

        • epots9
          Recognized Expert Top Contributor
          • May 2007
          • 1352
          #3
          thanks for the help but after some testing it is doesn't work the way I want.

          I'm pretty sure that the require valid-user is taking control over the satisfy any command and that is why it is constantly requesting a password even though the link is coming from the same local host.

          My .htaccess skills are very lacking, to say the least, but is there a way to put a if-statement around the require command?

          like:
          Code:
          AuthType Basic
AuthUserFile /putthissomewhere/.htpasswd
AuthName "Something"
if(request location != allow from location)
{
    require valid-user
}
satisfy any
deny from all
allow from 127.0.0.1
          is this even possible?

            Comment

            • Luuk
              Recognized Expert Top Contributor
              • Mar 2012
              • 1043
              #4
              my example is something which i got from the manual
              core - Apache HTTP Server
              http://httpd.apache.org/docs/2.0/mod/core.html#satisfy


              For example, if you wanted to let people on your network have unrestricted access to a portion of your website, but require that people outside of your network provide a password, you could use a configuration similar to the following:
              Require valid-user
              Allow from 192.168.1
              Satisfy Any

                Comment

                Previous template Next
                Working...