通过虚拟主机的.htaccess基本身份验证? [英] .htaccess basic auth by virtual host?
问题描述
我想知道是否有可能建立基于在.htaccess文件的虚拟主机URL有条件的HTTP基本身份验证的要求。
I was wondering if it was possible to setup a conditional http basic auth requirement based on the virtual host URL in an .htaccess file.
例如我想要做的是有mysite.com和test.mysite.com在同一个目录,但密码跑出相同的code碱基保护test.mysite.com。这将是建立这种方式,这样我就不需要分支我的code,因为我的应用程序code可以看到它正在从提供其虚拟主机/ URL,并挑选服务从内容到数据库中。
For example what I want to do is have mysite.com and test.mysite.com run off the same code base in the same directory but password protect test.mysite.com. It would be setup this way so that I wouldn't need to branch my code since my app code can see which vhost/url it's being served from and pick the database to serve content from.
推荐答案
您可以排序的方法是使用 mod_setenvif
随着的mod_auth <杂牌这/ code>模块。使用
SetEnvIfNoCase
指令设置的主机有密码保护。你需要一些额外的指令来满足访问:
You can sort of kludge this by using mod_setenvif
along with the mod_auth
modules. Use the SetEnvIfNoCase
directive to set which host is password protected. You'll need a couple of extra directives to satisfy access:
# Check for the hostname here
SetEnvIfNoCase HOST ^test\.mysite\.com\.?(:80)?$ PROTECTED_HOST
然后目录
块(或只是在开放),你有你的权威性的东西安装在里面,是这样的:
Then inside the Directory
block (or just out in the open) you have your auth stuff setup, something like this:
AuthUserFile /var/www/test.mysite.com/htpasswd
AuthType Basic
AuthName "Password Protected"
现在的要求/满足的东西:
Now for the require/satisfy stuff:
Order Deny,Allow
Satisfy any
Deny from all
Require valid-user
Allow from env=!PROTECTED_HOST
这将使它所以任何主机不符合 ^测试\ .mysite \ .COM \。?(80)?$
将无需访问这是面向auth(允许从ENV =!PROTECTED_HOST
)但除此之外,我们需要一个有效的用户(需要有效的用户
) 。该满足任何
确保我们只需要2之一,无论是允许或要求。
This will make it so any host that doesn't match ^test\.mysite\.com\.?(:80)?$
will have access without need for auth (Allow from env=!PROTECTED_HOST
) but otherwise, we need a valid user (Require valid-user
). The Satisfy any
ensures that we just need one of the 2, either the Allow or Require.
这篇关于通过虚拟主机的.htaccess基本身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!