Saturday, July 17, 2010

Apache: Restricting folders by IP addresses

1st Problem:
You are running an Apache server. You need to restrict access to certain folders by IP addresses.

Solution to 1st problem:
Use .htacess to deny all access to that folder, then allow certain hosts/IP addresses.

AuthName "simoncpu's dark secret"
AuthType Basic

<Limit GET POST>
order deny,allow
deny from all
allow from 10.0.0.
allow from .example.org
allow from this.is.an.example.invalid
</Limit>

2nd Problem:
Your Apache is behind a proxy such as nginx. All requests to your Apache server appear to originate from your proxy.

Solution to 2nd problem:
Install mod_rpaf and restart your web server. .htaccess will now correctly restrict access to your folders.  Refer to its web page for installation instructions.

No comments: