Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

My Favourites

Slackware

Calendar

October 2014
M T W T F S S
« Sep    
 12345
6789101112
13141516171819
20212223242526
2728293031  

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

Meta

Alien Tip: protected apache URL

I run a apache webserver at home which is accessible on the local LAN as well as on the internet, In order to make an internal server visible on the Internet, I use port-forwarding on my cable router: incoming http requests are forwarded to my web server.

The issue is that I want to shield some private pages from public access. Outside the local LAN, I want these pages to be password protected. At the same time, I want these pages to have no restrictions when I access them from another computer on the LAN at home.

This is how I did that:

In apache’s configuration file (/etc/httpd/httpd.conf) you can limit page access by based on the validity of one of multiple options. In my case:

  • you are allowed direct access based on a hostmask/IP address, or if that condition is not satisfied,
  • you have to enter a valid username/password.

You achieve this by adding  something like this inside a <Directory></Directory> or <Location></Location> block where you define the behaviour of a web page:

require valid-user
Allow from .myhome.lan
Satisfy any

What I assumed here was that your home computers all have hostnames which end on “.myhome.lan“. If the apache webserver receives a page request from one of your computers, you will automatically get access to your protected URL. If your computer hostname does not end on “.myhome.lan” (for instance when you access the webserver from a computer on the internet), the second pre-condition will be checked by the apache webserver. A login form will be presented to you and you will have to enter your credentials. If apache decides that your credentials are that of a “valid user” then you will get access to the page.

If your network at home does not use domain names for the computers (the “.myhome.lan” is the domain name used in the above example) then the above line “Allow from .myhome.lan” will not work. Fortunately, you can use (partial) IP address as well, so that the example would become:

require valid-user
Allow from 192.168
Satisfy any

which would give full access to any computer with an IP address in the range 192.168.0.0/16 .

For more information about protecting your web pages:

More tips will probably follow. I have a lot of these useful snippets for which a whole Wiki page is just too much.

Cheers, Eric

Comments

Comment from Cuetzpallin
Posted: March 25, 2009 at 16:29

Hey, sounds very good idea, let me read about it and i’ll try later.

It could be good for a family photo album

Comment from Meeddyjerma
Posted: April 29, 2011 at 11:53

Non Insulin Anti Diabetes Drugs http://www.foxspizzalasvegas.com/ – “lasix”
order lasix Lasix is a pretty strong diuretic. lasix medication Lasix is coming in the form of water pills. http://www.foxspizzalasvegas.com/ – buy lasix

Write a comment