.htaccess allow from REMOTE_HOST

Question

l'm trying to set up an .htaccess file that will restrict access to a specific file, unless the request has come from the same server.

Here's what l expected to work (but it doesn't seem to):

<Files /some/secret/cron.php>
    Order deny,allow
    Deny from all
    Allow from %{REMOTE_HOST}
</Files>

In this instance l can't just hard code in the IP address of the server, as it changes/rolls over to other servers throughout the day.

score 2 · Answer 1 · answered Jun 20 '15 at 15:35

2

You cannot use %{REMOTE_HOST} in Allow from. Use it in a mod_rewrite rule like this:

RewriteEngine On

RewriteCond %{REMOTE_ADDR} !=11.22.33.44
RewriteRule cron\.php$ - [F,NC]

Replace 11.22.33.44 by your IP address.

answered Jun 20 '15 at 15:35

anubhava

score 1 · Answer 2 · answered Jun 20 '15 at 16:39

1

You might try this

SetEnvIf Remote_Addr 127.0.0.1 Allowed=1
<Files "/some/secret/cron.php">
    Order deny,allow
    Deny from All
    Allow from env=Allowed
</Files>

answered Jun 20 '15 at 16:39

Eduardo Escobar

2 Answers2