Activities

February 2012
M T W T F S S
« Jan   Mar »
 12345
6789101112
13141516171819
20212223242526
272829  

Apache : Skipping Basic auth from certain known ip’s/Network

Most of us don’t like to share access certain links/pages which containing some sensitive matters. So we need to setup a mechanism to limit this access of of this area. Apache have a password a authentication mechanism to limit the access to a location which commonly called “Basic authentication“.

But this mechanism is quite annoying as it’s showing a popup to enter login details even though we access it from the office. To ellumincate this issue, we may place the auth in conjunction with network. So that Apache will not ask you logins if you are accessing from a network which know to Apache.

Here is the sample Apache entry to achieve this,

Alias /openmydb /usr/share/pma
 <Directory /usr/share/pma/>
   Order Deny,Allow
   Deny from All
   Allow from localhost 127.0.0.0/8 ::1 64.39.0.0/24 64.39.2.144/28 64.39.4.132/30 64.39.0.64/28

   AuthUserFile /etc/sec_passwords/htpasswd
   AuthName "For authorized users"
   AuthType Basic
   Require valid-user
   Satisfy any
</Directory>

Here allow directive open the access to listed IP’s. You may use CIDR to limit the no. of hosts to access. Pls note the text “Satisfy any” did the magic.

Cheers .. it’s a smaller tip.

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>