PDA

View Full Version : Apache help


dhuynh
11-07-2006, 08:33 PM
Okay, anyone good with apache 2? I'm looking to see how to implement this:

I have an internal apache (www) server that will now be required to be accessible by some remote users... I need to implement this security scheme. if it's possible, let me know the parameters to look up. :) THANKS!!

http://server/ --> accessible internally only (192.169.1.xxx) w/o a password
http://server/directory1 --> acessible to anyone w/ a password (I guess using .htpasswd)

The main point is allow port 80 to pass to "server" but lock down http://server/ (root dir) to only allow access from a particular subnet.

Any idea? THANKS!!! BTW, it's a apache 2 server running on w2k3server.
treylane
11-07-2006, 08:54 PM
Satisfy any is your friend.

<Directory /mysharedstuff>
AuthType Basic
AuthName Authenticate or be terminated
AuthUserFile /path/to/passwd
Require valid-user
Order deny,allow
Deny from all
Allow from 1.2.3.4
Satisfy any
</Directory>

... or something like that. should be enough to get you started I think. ;)
dhuynh
11-07-2006, 08:57 PM
Thanks Jess!!! :)
dhuynh
11-08-2006, 04:46 PM
worked great! :)

Except, I had to add quotes around "Authenticate or be terminated"
:)

thanks Jess!
treylane
11-08-2006, 04:47 PM
Terminate!!!!!!!!
dhuynh
11-08-2006, 04:58 PM
Found this site the really helped too:
http://www.math.tu-clausthal.de/~matsa/linux/apache-nis/
treylane
11-08-2006, 05:00 PM
Yeah... you can auth off of NIS (or better, LDAP) if you want... there's also mod_auth_mysql which I've used several times and is pretty awesome.

If you've got PHP installed you can even do custom HTTP authentication based on whatever you want... I've got a script around here somewhere with all the proper headers to send, if you're interested. Really useful for doing REST style api's....
dhuynh
11-08-2006, 05:06 PM
nah.. between the info you gave me and some google searches, I found exactly what I wanted. :)