Reputation: 422
I want to do access-control for some files on an apache2-webserver (2.2.9(Debian)) depending on the the remote-ip and the a supplied username using a htaccess-file.
Rules:
My htaccess-file posted below allows remote-users to login und forbids access to adm.php. Unfortunately the localhost user needs to enter a password. What do I need to change in order to let a local user access adm.php without a password dialog popping up?
AuthType Basic
Authname "Test-App"
AuthUserFile /etc/web_passwd
Require valid-user
Order Deny,Allow
Allow from 127.0.0.1
Deny from all
Satisfy Any
<Files adm.php>
Order Deny,Allow
Allow from 127.0.0.1
Deny from all
Satisfy all
</Files>
Upvotes: 1
Views: 2073
Reputation: 786359
Enable mod_setenvif and then use the code below in your $DOCUMENT_ROOT/.htaccess
:
<Files "adm.php">
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Satisfy all
</Files>
<FilesMatch "(?!^adm\.php)^.*$">
AuthType Basic
Authname "Test-App"
AuthUserFile /etc/web_passwd
Require valid-user
Order deny,allow
Deny from all
Allow from 127.0.0.1
Satisfy any
</FilesMatch>
Upvotes: 1