From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1SFAKP-0005Fn-3O for garchives@archives.gentoo.org; Tue, 03 Apr 2012 20:27:47 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DAF18E0C7F; Tue, 3 Apr 2012 20:27:15 +0000 (UTC) Received: from mail2.viabit.com (mail2.viabit.com [65.246.80.16]) by pigeon.gentoo.org (Postfix) with ESMTP id 2097BE0B5B for ; Tue, 3 Apr 2012 20:25:22 +0000 (UTC) Received: from [10.1.1.204] (unknown [65.213.236.244]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail2.viabit.com (Postfix) with ESMTPSA id A29C737ADF for ; Tue, 3 Apr 2012 16:25:21 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=orlitzky.com; s=mail2; t=1333484721; bh=OBW7wYdT0zbC0+9msWjQykMrUcNpOHHJnxJPvXegtcc=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=v4wiBQra7uUAMXOU2Pe8uzJJk9TmyyI9ZrbTsa5HBU6HBmzzqHKy6ksKc7cJP3I0a 0t3AWdlJkRRcmdo7L6Yw0wNaGyQbJeLQgYEcgPbiqsD3cttjb1QEAmx7JYz9O5Ej+s nBFFzEQkbMB910YzeLoC+4UiyhwzQg9mFYh07S8s= Message-ID: <4F7B5CB1.7050609@orlitzky.com> Date: Tue, 03 Apr 2012 16:25:21 -0400 From: Michael Orlitzky User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.1) Gecko/20120320 Thunderbird/10.0.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] *Simple* guide to implementing digest-auth combined with IP based whitelist? References: <4F7B4A52.30105@libertytrek.org> In-Reply-To: <4F7B4A52.30105@libertytrek.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Archives-Salt: 0034e2b0-e9c7-4aac-b692-32e8ccd12d5a X-Archives-Hash: 9e6f146bf1c4facc90dfccf5e05ba084 On 04/03/12 15:06, Tanstaafl wrote: > I've never had a need to protect a site like this so am totally new to > it... > > I've been reading, and everything says that digest-auth is preferred to > basic-http-auth (yes, I know that this isn't a very sophisticated level > of protection, but it is all we need for this site), but is there also a > way to whitelist certain static IP address so people on those don't get > prompted for a username/password? > > Thanks for any pointers to tfm... > >From http://httpd.apache.org/docs/2.2/mod/core.html#satisfy, For example, if you wanted to let people on your network have unrestricted access to a portion of your website, but require that people outside of your network provide a password, you could use a configuration similar to the following: See also: http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html for the "Allow from..." docs.