欢迎各位兄弟 发布技术文章

这里的技术是共享的

You are here

首页

apache ip skip authconfig Apache:允许本地连接绕过基本身份验证 有大用

星期六, 2019-03-30 03:11 — adminshiping1

我使用的是HTTPS basic auth(AuthType Basic ... Require valid-user)保护资源,但我希望允许来自localhost的连接,即使它们未经过身份验证。

最简单的方法是什么?

改善这个问题

1答案 正确答案

十五

您可以告诉apache允许来自特定IP地址的连接,如下所示:

Allow from 192.168.0.1/24Satisfy Any

如果将其添加到您的身份验证方案中,它将允许192.168.0.1 - 192.168.0.254范围内的任何IP地址访问您的内容。

一个完整的示例可能如下所示(我正在使用摘要,只需替换您的基本代码):

<Location />    Order deny,allow    Deny from all    AuthName "SomeSite"    AuthType Digest    AuthDigestProvider file    AuthDigestDomain http://somesite.com    AuthUserFile /etc/apache2/password.file    Require valid-user    Allow from 192.168.0.1/24    Satisfy Any</Location>
改善这个答案

来自  https://serverfault.com/questions/86401/apache-allow-local-connections-to-bypass-basic-authentication



6

I'm using HTTPS+basic auth (AuthType Basic ... Require valid-user) to protect a resource, but I'd like to allow connections from localhost through, even if they aren't authenticated.

What's the simplest way of doing that?

improve this question

1 Answer

 正确答案

15

You can tell apache to allow connections from specific IP addresses, like this:

Allow from 192.168.0.1/24
Satisfy Any

If you add that to your authentication scheme it will allow any IP address in the 192.168.0.1 - 192.168.0.254 range to access your content.

A full example may look like this (I am using digest, just substitute with your basic code):

<Location />
    Order deny,allow
    Deny from all
    AuthName "SomeSite"
    AuthType Digest
    AuthDigestProvider file
    AuthDigestDomain http://somesite.com
    AuthUserFile /etc/apache2/password.file
    Require valid-user
    Allow from 192.168.0.1/24
    Satisfy Any
</Location>
improve this answer

来自  https://serverfault.com/questions/86401/apache-allow-local-connections-to-bypass-basic-authentication



普通分类: 
apache
Powered by Drupal

友情链接

校园好文网

 www.shipingzhong.cn  个人技术网_前端_后台    备案号:苏ICP备18010659号-2