Asked  7 Months ago    Answers:  5   Viewed   29 times

How to allow access to file only to users with ip which are in a range of ip addresses?

For example file admin.php. and range from 0.0.0.0 to 1.2.3.4.

I need configure access to only ONE file not to directory.

 Answers

82

Just add a FilesMatch or Files directive to limit it to a specific script.

The following would block acces to all scripts ending in "admin.php" :

<FilesMatch "admin.php$">
    Order deny,allow
    Deny from all
    Allow from 10.0.0.0/24
</FilesMatch>

The following would ONLY block admin.php :

<Files "admin.php">
    Order deny,allow
    Deny from all
    Allow from 10.0.0.0/24
</Files>

For more information refer to the apache docs on Configuration Sections.

Wednesday, March 31, 2021
 
Gregosaurus
answered 7 Months ago
85
# Turn On ReWrite Engine
RewriteEngine On

# Exclude url.php and index.php from redirecting
RewriteCond %{REQUEST_URI} !^/(index|url).php

# Redirect to url.php
RewriteRule . url.php [NC,L]
Wednesday, March 31, 2021
 
Skipper
answered 7 Months ago
86

You can use directives like this to allow an IP range for certain URL:

# set env variable if URL is /rest or /rest/
SetEnvIf Request_URI "/rest(/.*)?$" rest_uri

Order deny,allow

# first deny all
Deny from all

# then allow if env var is not set
Allow from env=!rest_uri

# also allow your IP range
Allow from 10.1.0.0/16
Saturday, May 29, 2021
 
samayo
answered 5 Months ago
38

This will allow either someone from IP 127.0.0.1 or logged as a valid user. Stick it either in your config or .htaccess file.

    <Files learn.php>
        Satisfy any
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1

        AuthType Basic
        AuthName "private"
        AuthUserFile /var/www/phpexperts.pro/.htpasswd
        AuthGroupFile /dev/null
        Require valid-user
    </Files>

IP Alone:

    <Files learn.php>
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1
    </Files>

That definitely answers your question.

Wednesday, June 30, 2021
 
nhunston
answered 4 Months ago
49

Please make a backup of your .htaccess file. Now remove all lines -- make it empty (there is too much noise there at the moment).

Add these lines to your empty .htaccess (should be in the root folder of your website):

RewriteEngine On
RewriteRule ^opslag/vis/(d+)$ /opslag/view.php?vis=$1 [NC,QSA,L] 

This should treat www.url.com/opslag/vis/11 as www.url.com/opslag/view.php?vis=11.

Please ensure that you have no more .htaccess files in opslag folder.

Saturday, July 31, 2021
 
Gabriele
answered 3 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :