.htaccess: how to restrict access to a single file by IP?

帅比萌擦擦* 提交于 2019-12-28 03:46:06

问题


I've look all over, but keeps running into same info that talks about directory level IP restriction, which usually looks something like this:

Order Deny,Allow
Deny from all
Allow from 123.123.123.123

Is it possible to have same type of access restriction tied to a page/document?


回答1:


This will allow either someone from IP 127.0.0.1 or logged as a valid user. Stick it either in your config or .htaccess file.

    <Files learn.php>
        Satisfy any
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1

        AuthType Basic
        AuthName "private"
        AuthUserFile /var/www/phpexperts.pro/.htpasswd
        AuthGroupFile /dev/null
        Require valid-user
    </Files>

IP Alone:

    <Files learn.php>
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1
    </Files>

That definitely answers your question.




回答2:


I think the directive needs to be:

Order deny,allow

for the answer above to work (at least for the IP Alone solution).




回答3:


Mod-rewrite based solution :

RewriteEngine on

RewriteCond %{REMOTE_ADDR} !^Y\.O\.U\.R\.IP$
RewriteRule ^file\.php$ - [F,L]

The rewriteRule above will deny all requests to file.php if client ip does not match the ip address in the RewriteCond's pattern




回答4:


For a more up to date Apache 2.4 example:

<Files file.html>
    Require ip 123.123.123.123
</Files>

Here are the more in depth docs for additional options and examples: https://httpd.apache.org/docs/2.4/howto/access.html and the docs for the <Files> directive: https://httpd.apache.org/docs/2.4/mod/core.html#files

Note that <Files> can be nested inside <Directory> sections to restrict the portion of the filesystem they apply to.



来源:https://stackoverflow.com/questions/3604526/htaccess-how-to-restrict-access-to-a-single-file-by-ip

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!