Allow IP address without authentication

Question

I have set up a site that is currently work in progress. I'm using an external SMS gateway that needs access to a script on my server. However, I have set up a basic username and password authentication for regular users, but the SMS gateway can't get through that.

How can I allow a single IP to pass through the authentication without authenticating itself, and deny all other users that aren't authenticated?

Here's my .htaccess file:

Order allow,deny
Allow from all
AuthType Basic
AuthUserFile /www/.site_htpasswd
AuthName "Protected Area"
require user admin

score 44 · Answer 1 · answered Sep 06 '10 at 10:20

44

Just found out, with help from JoseK:

Order deny,allow
Deny from all
AuthType Basic
AuthUserFile /www/.site_htpasswd
AuthName "Protected Area"
require valid-user
Allow from 1.2.3.4
Satisfy Any

answered Sep 06 '10 at 10:20

rebellion

6,628
11
48
79

1

What Apache and mod_auth version is that for? – LeMike Sep 03 '13 at 19:36
2

This should work for Apache 2.2. Apache 2.4 has [new syntax](http://stackoverflow.com/a/27209938/878514). – fracz Sep 09 '15 at 20:57

score 35 · Accepted Answer · answered Feb 24 '16 at 10:42

UPDATE: As of Apache 2.4, Order, Allow, Deny, and Satisfy directives should not be used anymore. So the new syntax is:

AuthType Basic
AuthUserFile /www/.site_htpasswd
AuthName "Protected Area"

<RequireAny>
    Require ip 1.2.3.4
    Require valid-user
</RequireAny>

score 2 · Answer 3 · answered Sep 06 '10 at 09:09

2

Try changing first 2 lines to

Order deny,allow
Deny from all
Allow from 1.2.3.x

Replace your desired IP in the Allow from

answered Sep 06 '10 at 09:09

JoseK

31,141
14
104
131

This just gives me an 403 Forbidden :/ – rebellion Sep 06 '10 at 09:32
Never mind that, I had an error.. :P BUT, now it just keeps asking me for authentication, and don't want to authenticate me when I enter my credentials. – rebellion Sep 06 '10 at 09:38

Allow IP address without authentication

3 Answers3

Linked