From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 766CE1381F3 for ; Thu, 29 Nov 2012 19:56:57 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 90A7C21C092; Thu, 29 Nov 2012 19:56:36 +0000 (UTC) Received: from mail-ea0-f181.google.com (mail-ea0-f181.google.com [209.85.215.181]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 2921321C022 for ; Thu, 29 Nov 2012 19:55:18 +0000 (UTC) Received: by mail-ea0-f181.google.com with SMTP id k14so4513342eaa.40 for ; Thu, 29 Nov 2012 11:55:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=ABSX1BC+9qg9KrJU78Oa0VFkYd8ztXqxvQxIwXtRGQE=; b=A4JGL9tQom0GHiv8MdbPAOkxTrl5Fgdy4FN8af4M006xwnWjgt55ZUm1Gu0iCdq6C3 OEqfXIIfrMOK7Bnm4Vgav3F/npJD10A394zrCmobuJ2EsJtmoDJW3mUIy67mBmgC/6ci a6kR0+J7hHCFXQg2BAHaPNI6Zc5rPvZN0kogqB+OeDhzxsymucJErR3bYKElP3okh3/K cPGxRpm8ypRhdzUXNJqFH0oWqvLNNCnLG0DvEgrSeUXkqKSRTxpMzHwsOC5KP4cGjP0Y gIgdU85TDbITBQHAYDQQmCSwGICRrEzsghX+eC2+8fnIWSEvm4qIsW2FlNUlifUmy4CR RcNw== Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.14.213.134 with SMTP id a6mr85669126eep.45.1354218917772; Thu, 29 Nov 2012 11:55:17 -0800 (PST) Received: by 10.223.96.140 with HTTP; Thu, 29 Nov 2012 11:55:17 -0800 (PST) In-Reply-To: <20121129175559.GB14272@syscon7.inet> References: <20121129013519.GA14272@syscon7.inet> <20121129175559.GB14272@syscon7.inet> Date: Thu, 29 Nov 2012 11:55:17 -0800 Message-ID: Subject: Re: [gentoo-user] Restrict certain web users by IP From: Grant To: Gentoo mailing list Content-Type: multipart/alternative; boundary=e89a8f923f3a8abf1d04cfa7a920 X-Archives-Salt: 6fb84d76-5dc8-4fe8-91d1-4aff44b12416 X-Archives-Hash: 391828d06f6aecdf1ce6b51b6f26aaf8 --e89a8f923f3a8abf1d04cfa7a920 Content-Type: text/plain; charset=ISO-8859-1 >> >> I use apache2 authentication for web users and I would like to >> require >> >> logins from certain users to be from a certain IP address. I >> >> experimented with Allow and Require but couldn't find a way to >> restrict >> >> only certain users. Can this be done via apache2 authentication >> or >> >> should I use another method? >> >> >> >> - Grant >> > >> > >> > very simple via .htaccess >> > >> > >> > order deny,allow >> > deny from all >> > allow from IP_address >> > >> > >> > AuthName "restricted stuff" >> > AuthType Basic >> > AuthUserFile /etc/apache2/users >> > require user webmaster >> >> I think that will require any usernames specified to come from >> IP_address. I'm trying to allow certain usernames to come from any IP, >> and restrict other usernames to a certain IP. Can that be done via >> .htaccess? >> >> - Grant > > > You originally wanted "...logins from certain users to be from a certain IP address" > Now, you want from "any IP" In this case just restrict users with: > > > AuthName "restricted stuff" > AuthType Basic > AuthUserFile /etc/apache2/users > require user webmaster > > Just assign "password and user" from root: > # htpasswd2 -c /etc/apache2/users your-user-name I'm sorry I haven't been clear about this. Sometimes an example is the best way. I want users jack and jill to be able to access the web content from any IP address, and I want users john and jacob to be able to access the web content only if they are coming from a certain IP address. I don't want anyone else to have access. - Grant --e89a8f923f3a8abf1d04cfa7a920 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable >> =A0 >> =A0 I use apache2 authentication for web users and I = would like to
>> =A0 require
>> =A0 >> =A0 logins f= rom certain users to be from a certain IP address. =A0I
>> =A0 >= ;> =A0 experimented with Allow and Require but couldn't find a way t= o
>> =A0 restrict
>> =A0 >> =A0 only certain users. =A0C= an this be done via apache2 authentication
>> =A0 or
>> = =A0 >> =A0 should I use another method?
>> =A0 >>
&= gt;> =A0 >> =A0 - Grant
>> =A0 >
>> =A0 >
>> =A0 > very simple via= .htaccess
>> =A0 >
>> =A0 > <Limit GET POST>=
>> =A0 > order deny,allow
>> =A0 > deny from all>> =A0 > allow from IP_address
>> =A0 > </Limit>
>> =A0 >
>> =A0 > = AuthName "restricted stuff"
>> =A0 > AuthType Basic>> =A0 > AuthUserFile /etc/apache2/users
>> =A0 > re= quire user webmaster
>>
>> =A0 I think that will require any usernames specified = to come from
>> =A0 IP_address. =A0I'm trying to allow certain= usernames to come from any IP,
>> =A0 and restrict other username= s to a certain IP. =A0Can that be done via
>> =A0 .htaccess?
>>
>> =A0 - Grant
>
>=
> You originally wanted "...logins from certain users to be fro= m a certain IP address"
> Now, you want from "any IP" = In this case just restrict users with:
>
>
> =A0AuthName "restricted stuff"
> =A0Au= thType Basic
> =A0AuthUserFile /etc/apache2/users
> =A0require = user webmaster
>
> Just assign "password and user" fr= om root:
> # htpasswd2 -c /etc/apache2/users your-user-name

I'm s= orry I haven't been clear about this. =A0Sometimes an example is the be= st way.

I want users jack and jill to be able to a= ccess the web content from any IP address, and I want users john and jacob = to be able to access the web content only if they are coming from a certain= IP address. =A0I don't want anyone else to have access.

- Grant
--e89a8f923f3a8abf1d04cfa7a920--