Again: Complex configuration for access from different IPs (without virtual hosts)

Burkhard Schultheis

2015-01-08 13:35:50 UTC

Post by Burkhard Schultheis
1. If the connection is from a distinct group of IPs, all files in a
specified directory are accessible without authentication.
2. If the connection is from a second group of IPs, selected files (2)
are accessible with authentication only, all other files are not accessible.
3. For connections from other IPs there is no access at all.
Is there a way to get it working without virtual hosts?

I've have some experiments. Basically I have denied all access from all
hosts. Then I've allowed access with a password from one IP:

<Location /testverzeichnis/index.html>
AuthType Basic
AuthName "blabla"
Deny from all
Allow from <IP1>
AuthUserFile /srv/www/apache/.htpasswd
Require user scht
</Location>

This does work! I got a window for user/password.

Then I tried to get access without password from another machine:

<Location /testverzeichnis/index_.html>
Deny from all
Allow from <IP2>
</Location>

But I got an "access forbidden" on the second machine.

Then I tried an entry as for the first machine, with authentication:

<Location /testverzeichnis/index.html>
AuthType Basic
AuthName "bla bla"
Deny from all
Allow from <IP2>
AuthUserFile /srv/www/apache/.htpasswd
Require user scht
</Location>

It did not work with the 2 entries. With 1 entry with both addresses in
one row "Allow from <IP1>, <IP2>" it works with password for both machines.

Why does it not work with 2 entries? Why does it not work without
password on the second machine? Maybe it's the same reason?

Regards
Burkhard