.htaccess/.htpasswd 绕过如果在某个 IP 地址 [英] .htaccess / .htpasswd bypass if at a certain IP address

问题描述

是否可以为给定目录设置 .htaccess/.htpasswd 访问控制设置，但如果它们来自特定 IP 地址，则绕过登录/密码身份验证?

Is it possible to have an .htaccess/.htpasswd access control setup for a given directory, but if they are from a specific IP address, bypass the login/password authentication?

我知道你可以在 .htaccess 文件中做这样的事情:

I know you can do something like this in the .htaccess file:

order deny,allow
deny from all
allow from 000.000.000.000

但是，如果您按照以下方式添加一些内容:

But if you add something along these lines:

AuthType Basic
AuthName "restricted area"
AuthUserFile /path/to/.htpasswd
require valid-user

然后它会提示输入密码.有没有办法进行 if/else 类型设置，或其他一些解决方案，以便作为给定 IP(或 IP 集)的用户不会被提示输入密码，但其他人都这样做?

Then it prompts for the password. Is there any way to do an if/else type setup, or some other solution so that users as a given IP (or set of IPs) don't get prompted for a password, but everyone else does?

推荐答案

对于 2.2.X 版本，您可以使用以下...

For versions 2.2.X you can use the following...

AuthUserFile /var/www/mysite/.htpasswd
AuthName "Please Log In"
AuthType Basic
require valid-user
Order allow,deny
Allow from xxx.xxx.xxx.xxx
satisfy any

显然替换您的用户文件的路径和您希望绕过身份验证的 IP 地址.

Obviously replace the path to your usersfile and the ip address which you would like to bypass the authentication.

具体细节的进一步解释，可以在:http://httpd.apache.org/docs/2.2/howto/auth.html

Further explanation of the specifics, can be found at: http://httpd.apache.org/docs/2.2/howto/auth.html

这篇关于.htaccess/.htpasswd 绕过如果在某个 IP 地址的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！