LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-01-2012, 01:54 PM   #1
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Rep: Reputation: 0
Apache Restrict Access to Specific URL Based on IP


I have a wordpress multi-site server running on Ubuntu. I need to restrict access to two of the wordpress sub-sites to a specific subnet. For example:

http://www.mywp.com/jobs
http://www.mywp.com/apples

These two subsites are only access via 192.168.*.* ( or in CIDR notation 192.168.0.0\16), and 104.113.*.*

I have explored many options the most promising is the apache mod_rewrite approach; however, I have found that rewriting works for directories. Wordpress doesn't have a typical tree stucture, i.e. http://www.mywp.com/jobs doesn't correspond to /var/www/jobs, and in fact http://www.mywp.com/jobs doesn't have a single file or directory representation at all. Thus thus there is no corresponding .htaccess file for /jobs. I don't see how to attach a URL instead of a directory to the rewrite rule. Here are the rewrite concepts I have been playing with:

Code:
<IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteCond %{REMOTE_ADDR} ^192.168\. [OR]
 RewriteCond %{REMOTE_ADDR} ^104\.113\. [OR]
 RewriteRule ^(/jobs*)$ / [F,L]
</IfModule>
Which is also backwards as far as restriction goes since this redirects ../jobs to the home page.

Code:
<Limit GET POST PUT>
 order deny,allow
 deny from all
 allow from 192.168.
 deny from 104.113.
</Limit>
Which makes more sense to me but still doesn't attach to a URL. Can anyone suggest methods for restricting access to a URL based on IP without a per directory or .htaccess approach?
 
Old 11-01-2012, 05:14 PM   #2
larvel
LQ Newbie
 
Registered: Jun 2012
Posts: 29

Rep: Reputation: Disabled
Have you tried Location match?
 
Old 11-01-2012, 06:39 PM   #3
Obscurious
LQ Newbie
 
Registered: Jun 2009
Distribution: Debian, RHEL, FreeBSD
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by larvel View Post
Have you tried Location match?
Marvelous! This worked perfectly:

Code:
      <Location /jobs>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>

      <Location /apples>
                Order deny,allow
                deny from all
                allow from 192.168.
                allow from 104.113.
      </Location>
Which yields a 403 Forbidden to everyone else. Thanks, I did not know this directive existed.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] IPTABLES: Restrict Internet access based on time of day and MAC address ScottSmith Linux - Security 7 02-09-2010 02:25 AM
how to restrict specific users to access restricted sites in squid subhojit Linux - Security 2 11-07-2009 10:15 AM
apache rewrite port based on URL.. can it? sir-lancealot Linux - Server 1 05-13-2009 02:06 AM
Restrict access times for specific IP addresses? gjhicks Linux - Networking 11 11-02-2006 10:42 PM
Squid- restrict access to url jocast Linux - Software 0 03-10-2006 01:59 PM


All times are GMT -5. The time now is 08:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration