2

Ubuntu 9.10 Apache2

Hi Guys,

Long story short, I need to restrict access to a certain part of my web site based on a dynamic IP source address that changes every now and then. Historically, I've just added the following to htaccess...

order deny,allow
deny from all
# allow my dynamic IP address
allow from <dynamic ip>

But the problem is that I'll have to manually make this change every time the IP changes.

Ideally I'd like to specify a hostname instead... something like: 

order deny,allow
deny from all
# allow my host
allow from hostname.whatever.local

That doesn't seemed to have worked though. I get an error 403 - access forbidden. Does .htaccess not support hostnames?

Mike B
  • 11,871
  • 42
  • 107
  • 168

2 Answers2

2

That would most likely because Apache doesn't look up the hostname in the direction you are thinking. Instead of looking hostname.whatever.local and allowing that address it does a reverse lookup on the connecting ip address, seeing if the response matches the allowed name.

(Well, actually Apache is doing a double lookup, first a reverse lookup and then a forward lookup on the result of the reverse.)

As the issue is about a dynamic ip address I assume it's PTR isn't simply changed constantly.

andol
  • 6,938
  • 29
  • 43
  • Ah. Yea, I have an A record being automatically updated but not the PTR. Thanks. – Mike B Dec 01 '09 at 23:51
  • Darn! My dns host won't let me change PTR records... lame. Is there a way I could issue a find-and-replace script for this one line? – Mike B Dec 01 '09 at 23:54
  • 1
    PTR posts aren't controlled by the domain name owner, but by the owner of the ip range. Unless you'r given a routed ip range you will most likely not be in control of a PTR zone. – andol Dec 01 '09 at 23:56
  • A 11 years old answer points out the real problem (and the solution) I think everyone using wordpress's wp-admin with an additional .htaccess on a shared-server will face. Use IP-addresses, not hostnames with the `Allow from`-clause. – Patrick B. Sep 23 '20 at 07:38
0

You can apply rewrite engine. Use RewriteCond %{REMOTE_HOST} ^host1.* followed perhaps by RewriteRule with error code