Apache 基本身份验证(允许的除外) [英] Apache basic authentication except for those Allowed

问题描述

问题:我在/var/www/files/下有一些文件，我希望它们可以从特定的 IP 地址访问而无需用户/密码.但是，我希望任何其他 IP 地址都应该需要登录才能访问.

Problem: I have some files under /var/www/files/ that I want them to be accessed from specific IP addresses WITHOUT requiring user/password. However, I would like that any other IP address SHOULD require login to gain access.

这是在我的 httpd.conf 中:

This is in my httpd.conf:

<Directory /var/www/files/>
        Order deny,allow
        Deny from all
        Allow from 192.168 
        AuthUserFile /etc/apache2/basic.pwd 
        AuthName "Please enter username and password" 
        AuthType Basic 
        Require user valid-user 
</Directory>

但是，如果我理解正确，这意味着来自 192.168.* 的任何客户端都可以访问该目录，但需要有效用户才能查看其内容.任何其他 IP 地址都将被拒绝.对吗?

But, if I understood correctly, this means that any client coming from 192.168.* will have access to that directory BUT will require a valid-user to view its content. And any other IP address will be denied. right?

提前致谢.

推荐答案

edit:这可能是可以接受的答案，但很旧.对于新的 Apache 安装，请使用 Brians 在此处回答

edit: this may be accepted answer, but old. For new Apache installs, use Brians answer here

添加:Satisfy Any(这意味着应该通过这两个中的任何一个).

Add this: Satisfy Any (which means either of those 2 should be passed).

语法是:

Require valid-user

或者:

Require user <userid>

这篇关于Apache 基本身份验证(允许的除外)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！