1 |
On 04/03/12 15:06, Tanstaafl wrote: |
2 |
> I've never had a need to protect a site like this so am totally new to |
3 |
> it... |
4 |
> |
5 |
> I've been reading, and everything says that digest-auth is preferred to |
6 |
> basic-http-auth (yes, I know that this isn't a very sophisticated level |
7 |
> of protection, but it is all we need for this site), but is there also a |
8 |
> way to whitelist certain static IP address so people on those don't get |
9 |
> prompted for a username/password? |
10 |
> |
11 |
> Thanks for any pointers to tfm... |
12 |
> |
13 |
|
14 |
From http://httpd.apache.org/docs/2.2/mod/core.html#satisfy, |
15 |
|
16 |
For example, if you wanted to let people on your network have |
17 |
unrestricted access to a portion of your website, but require that |
18 |
people outside of your network provide a password, you could use a |
19 |
configuration similar to the following: |
20 |
|
21 |
See also: |
22 |
|
23 |
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html |
24 |
|
25 |
for the "Allow from..." docs. |