On Mon, 13 Aug 2012 10:40:51 +0530, J. B wrote: > I have the following in my .htaccess to force the authentication > > [....] > AuthName "htaccess password prompt" > AuthUserFile /home/askapache.com/.htpasswd AuthType Basic > Require valid-user > [...] > > Now I like some IPs to bypass the authentication. Hence I have modified > the rule as > > [...] > Order deny,allow > Deny from all > AuthName "htaccess password prompt" > AuthUserFile /home/askapache.com/.htpasswd AuthType Basic > Require valid-user > Allow from 172.17.10.1 > Satisfy Any > [....] > > But it just allow all IPs to bypass the authentication. IS there any > wrong code in the rule set ? The apache version is - [ Server version: > Apache/2.2.16 (Debian) ]
By "all IPs" you mean all of the IPs coming from your local network range or also from remote? At a first glance I see nothing wrong from the above "Allow from" directive (and you have more configuration samples here): http://wiki.apache.org/httpd/BypassAuthenticationOrAuthorizationRequirements Did you reload the apache2 service after the change? Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/k0b69q$9nn$9...@dough.gmane.org
