I'm using HTTPS+basic auth (AuthType Basic ... Require valid-user) to protect a resource, but I'd like to allow connections from localhost through, even if they aren't authenticated.
What's the simplest way of doing that?
Asked
Active
Viewed 1.7k times
6
David Wolever
- 2,267
- 3
- 24
- 27
-
1http://serverfault.com/questions/33192/how-can-i-password-prompt-certain-ips-and-allow-all-others-free-access-using-apac – Kyle Brandt Nov 19 '09 at 18:50
-
Oops, clearly my searching-foo failed me today. Thanks. – David Wolever Nov 19 '09 at 20:44
1 Answers
17
You can tell apache to allow connections from specific IP addresses, like this:
Allow from 192.168.0.1/24
Satisfy Any
If you add that to your authentication scheme it will allow any IP address in the 192.168.0.1 - 192.168.0.254 range to access your content.
A full example may look like this (I am using digest, just substitute with your basic code):
<Location />
Order deny,allow
Deny from all
AuthName "SomeSite"
AuthType Digest
AuthDigestProvider file
AuthDigestDomain http://somesite.com
AuthUserFile /etc/apache2/password.file
Require valid-user
Allow from 192.168.0.1/24
Satisfy Any
</Location>
Jay
- 6,544
- 25
- 34
Brendan Martens
- 186
- 1
- 5