0

I want to all subdomains with *.domainname.com have got an httpasswd protect, but 2 ips allow to auth without credentials.

<Directory /home/www/clients>
            AuthUserFile /home/www/.htpasswd
            AuthName "Acceso Privado"
            AuthType Basic
            Require valid-user
            SetEnvIf Host domainname.com secure_content
            Order Allow,Deny
            Allow from all
            Deny from env=secure_content
            Allow from XX.XX.XX.XX
            Allow from XX.XX.XX.XX
            Satisfy Any
</Directory>

But all domains, hosted in /home/www/clients ask me to credentials :(

<VirtualHost *:80>
        ServerAdmin root@domainname.com
        ServerName trademark.domainname.com
        ServerAlias www.trademark.domainname.com

        DocumentRoot /home/www/clients/trademark/htdocs/

        <Directory /home/www/clients/trademark/htdocs>
                Options none FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/trademark/trademark_error.log

        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/trademark/trademark_access.log combined
</VirtualHost>
50l3r
  • 1,549
  • 4
  • 16
  • 27

1 Answers1

0

i found a solution for apache versions greater or equal than 2.4

<Directory /home/www/clients>
    <If "%{REMOTE_ADDR} != 'XX.XX.XX.XX'  && %{REMOTE_ADDR} != 'XX.XX.XX.XX' && %{HTTP_HOST} -strcmatch '*.domainname.com'">
        AuthUserFile /home/www/.htpasswd
        AuthName "Acceso Privado"
        AuthType Basic
        Require valid-user
    </If>
</Directory>
50l3r
  • 1,549
  • 4
  • 16
  • 27