欢迎各位兄弟 发布技术文章

这里的技术是共享的

You are here

Apache Restrict Access to Specific URL Based on IP 指定 允许访问 拒绝访问 某个指定页面



LinuxQuestions.org Forums Linux Forums Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
 Search this Thread 
Old 11-01-2012, 01:54 PM  #1
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Rep: Reputation: 0
 
Apache Restrict Access to Specific URL Based on IP

 
[Log in to get rid of this advertisement]
I have a wordpress multi-site server running on Ubuntu. I need to restrict access to two of the wordpress sub-sites to a specific subnet. For example:

http://www.mywp.com/jobs
http://www.mywp.com/apples

These two subsites are only access via 192.168.*.* ( or in CIDR notation 192.168.0.0\16), and 104.113.*.*

I have explored many options the most promising is the apache mod_rewrite approach; however, I have found that rewriting works for directories. Wordpress doesn't have a typical tree stucture, i.e. http://www.mywp.com/jobs doesn't correspond to /var/www/jobs, and in fact http://www.mywp.com/jobs doesn't have a single file or directory representation at all. Thus thus there is no corresponding .htaccess file for /jobs. I don't see how to attach a URL instead of a directory to the rewrite rule. Here are the rewrite concepts I have been playing with:

Code:
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{REMOTE_ADDR} ^192.168\. [OR]
 RewriteCond %{REMOTE_ADDR} ^104\.113\. [OR]
 RewriteRule ^(/jobs*)$ / [F,L]
</IfModule>
Which is also backwards as far as restriction goes since this redirects ../jobs to the home page.

Code:
<Limit GET POST PUT>
 order deny,allow
 deny from all
 allow from 192.168.
 deny from 104.113.
</Limit>
Which makes more sense to me but still doesn't attach to a URL. Can anyone suggest methods for restricting access to a URL based on IP without a per directory or .htaccess approach?
  
 
Old 11-01-2012, 05:14 PM  #2
larvel
LQ Newbie
 
Registered: Jun 2012
Posts: 29

Rep: Reputation: Disabled
 
Have you tried Location match?
 
 
Old 11-01-2012, 06:39 PM  #3
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Original Poster 
Rep: Reputation: 0
 
Quote:
Originally Posted by larvel View Post
Have you tried Location match?
Marvelous! This worked perfectly:

Code:
      <Location /jobs>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>

      <Location /apples>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>
Which yields a 403 Forbidden to everyone else. Thanks, I did not know this directive existed.
LinuxQuestions.org Forums Linux Forums Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices
 

Reply
 Search this Thread 
Old 11-01-2012, 01:54 PM  #1
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Rep: Reputation: 0
 
Apache Restrict Access to Specific URL Based on IP

 
[Log in to get rid of this advertisement]
I have a wordpress multi-site server running on Ubuntu. I need to restrict access to two of the wordpress sub-sites to a specific subnet. For example:

http://www.mywp.com/jobs
http://www.mywp.com/apples

These two subsites are only access via 192.168.*.* ( or in CIDR notation 192.168.0.0\16), and 104.113.*.*

I have explored many options the most promising is the apache mod_rewrite approach; however, I have found that rewriting works for directories. Wordpress doesn't have a typical tree stucture, i.e. http://www.mywp.com/jobs doesn't correspond to /var/www/jobs, and in fact http://www.mywp.com/jobs doesn't have a single file or directory representation at all. Thus thus there is no corresponding .htaccess file for /jobs. I don't see how to attach a URL instead of a directory to the rewrite rule. Here are the rewrite concepts I have been playing with:

Code:
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{REMOTE_ADDR} ^192.168\. [OR]
 RewriteCond %{REMOTE_ADDR} ^104\.113\. [OR]
 RewriteRule ^(/jobs*)$ / [F,L]
</IfModule>
Which is also backwards as far as restriction goes since this redirects ../jobs to the home page.

Code:
<Limit GET POST PUT>
 order deny,allow
 deny from all
 allow from 192.168.
 deny from 104.113.
</Limit>
Which makes more sense to me but still doesn't attach to a URL. Can anyone suggest methods for restricting access to a URL based on IP without a per directory or .htaccess approach?
  
 
Old 11-01-2012, 05:14 PM  #2
larvel
LQ Newbie
 
Registered: Jun 2012
Posts: 29

Rep: Reputation: Disabled
 
Have you tried Location match?
 
 
Old 11-01-2012, 06:39 PM  #3
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Original Poster 
Rep: Reputation: 0
 
Quote:
Originally Posted by larvel View Post
Have you tried Location match?
Marvelous! This worked perfectly:

Code:
      <Location /jobs>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>

      <Location /apples>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>
Which yields a 403 Forbidden to everyone else. Thanks, I did not know this directive existed.
LinuxQuestions.org Forums Linux Forums Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices
 

Reply
 Search this Thread 
Old 11-01-2012, 01:54 PM  #1
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Rep: Reputation: 0
 
Apache Restrict Access to Specific URL Based on IP

 
[Log in to get rid of this advertisement]
I have a wordpress multi-site server running on Ubuntu. I need to restrict access to two of the wordpress sub-sites to a specific subnet. For example:

http://www.mywp.com/jobs
http://www.mywp.com/apples

These two subsites are only access via 192.168.*.* ( or in CIDR notation 192.168.0.0\16), and 104.113.*.*

I have explored many options the most promising is the apache mod_rewrite approach; however, I have found that rewriting works for directories. Wordpress doesn't have a typical tree stucture, i.e. http://www.mywp.com/jobs doesn't correspond to /var/www/jobs, and in fact http://www.mywp.com/jobs doesn't have a single file or directory representation at all. Thus thus there is no corresponding .htaccess file for /jobs. I don't see how to attach a URL instead of a directory to the rewrite rule. Here are the rewrite concepts I have been playing with:

Code:
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{REMOTE_ADDR} ^192.168\. [OR]
 RewriteCond %{REMOTE_ADDR} ^104\.113\. [OR]
 RewriteRule ^(/jobs*)$ / [F,L]
</IfModule>
Which is also backwards as far as restriction goes since this redirects ../jobs to the home page.

Code:
<Limit GET POST PUT>
 order deny,allow
 deny from all
 allow from 192.168.
 deny from 104.113.
</Limit>
Which makes more sense to me but still doesn't attach to a URL. Can anyone suggest methods for restricting access to a URL based on IP without a per directory or .htaccess approach?
  
 
Old 11-01-2012, 05:14 PM  #2
larvel
LQ Newbie
 
Registered: Jun 2012
Posts: 29

Rep: Reputation: Disabled
 
Have you tried Location match?
 
 
Old 11-01-2012, 06:39 PM  #3
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Original Poster 
Rep: Reputation: 0
 
Quote:
Originally Posted by larvel View Post
Have you tried Location match?
Marvelous! This worked perfectly:

Code:
      <Location /jobs>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>

      <Location /apples>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>
Which yields a 403 Forbidden to everyone else. Thanks, I did not know this directive existed.

来自 https://www.linuxquestions.org/questions/linux-newbie-8/apache-restrict-access-to-specific-url-based...
普通分类: