2

I'm new to lighttpd. Here is the goal I want to achieve. I want only the client in my current can access my lighttpd server. For example, current ip address of lighttpd server is '192.168.10.100', only the client with ip address '192.168.10.0/24' can aceess the lighttpd server. The server ip address may change. How to configure lighttpd to only allow current subnet to access?

Here is what I tried. I don't know how to fill the remoteip value. Can anyone help me out? Thanks in advance.

$HTTP["remoteip"] == "192.168.10.0/24" {

}
Tony Lin
  • 765
  • 3
  • 15
  • 35

1 Answers1

4

See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModAccess

server.modules += ( "mod_access" )

$HTTP["remoteip"] != "192.168.10.0/24" {
  url.access-deny = ("")
}
gstrauss
  • 2,091
  • 1
  • 12
  • 16
  • What I need is to limited only the client in the subnet can access my lighttpd server, while my server ip and subnet can dynamically change. – Tony Lin Jun 23 '17 at 05:44
  • 1
    So why was my answer marked -1? That's a valid answer for how to restrict access in lighttpd. If the server IP and subnet can change, then your environment is not stable. Consider creating firewall rules which only allow access to the listening port (e.g. port 80) from the local subnet, and dynamically update those rules when your IP address and subnet change. – gstrauss Jun 24 '17 at 16:59
  • @TonyLin I guess you need a firewall. – fmnijk Nov 01 '21 at 18:19