binding htpasswd username and password with particular IP addresses
Hi..all, I added these below four lines in the document root section in /etc/apache2/sites-available/default file on ubuntu-11.04.
AuthType Basic
AuthName "Authorised Users Only"
AuthUserFile /etc/.auth_users
Require valid-user
Then I added users using "htpasswd -c /etc/.auth_users user1", "htpasswd /etc/.auth_users user2" and so on. Also changed the permission as "chmod 640 /etc/.auth_users" & "chown root.www-data /etc/.auth_users". Then restarted apache. Now the server is prompting for username & password.
Good, but I need some more security for our web server that as I need to bind each and every username(which is stored in /etc/.auth_users file) with particular IP address. Then other person will not be able to browse on other machine even the username and password get hacked. Is it possible to do so?
And is it possible to create groups and grant the permission as read only or read/write. Because we are running wiki pages and by default edit button is enabled. So anyone can edit or delete anything. I don't have much idea about pmwiki. So If I could enable as read only or read/write as per on group permission, we can avoid editing by unauthorized persons. I will be waiting for your kind response.
Regards
Roopa
|