Apache2: Require password for remote users (and not local)

Sometimes it is nice to require password for a site, but only if they are not from a particular ip-number, i.e., users connected to your local Wireless LAN should be able to connect directly to your home server, while remote users needs a password.

Add the following snippet in the right location in one of your /etc/apache2/sites-enabled/ files:

<Location />
  Order deny,allow
  Deny from all
  # allow anybody at home to access this site
  Allow from 127.0.0.0/8 ::1/128 172.16.0.0/16
  # also allow if ther user login
  AuthType Basic
  AuthUserFile /home/www/.htpasswd/mw
  AuthName "beatrix"
  Require valid-user
  Satisfy any
</Location>

Of course replacing the parts in bold with your own details. A password file can be created using the command htpasswd.

Comments are closed.