.htaccess / .htpasswd bypass if at a certain IP address

apache2 .htaccess basic-authentication

Solution 1:

For versions 2.2.X you can use the following...

AuthUserFile /var/www/mysite/.htpasswd
AuthName "Please Log In"
AuthType Basic
require valid-user
Order allow,deny
Allow from xxx.xxx.xxx.xxx
satisfy any

Obviously replace the path to your usersfile and the ip address which you would like to bypass the authentication.

Further explanation of the specifics, can be found at: http://httpd.apache.org/docs/2.2/howto/auth.html

Solution 2:

If you use apache >=2.4, it would be something like this:

<If "%{REMOTE_ADDR} != '127.0.0.1'">
  AuthType Basic
  AuthName "restricted area"
  AuthUserFile /path/to/.htpasswd
  require valid-user
</If>

For more info take a look at the docs.

Solution 3:

I am running Apache/2.2.16 (Debian), and had a similar problem, I solved it like this:

(This can be run in both an .htaccess file or directly in the virtualhost under <Location/>)

Order deny,allow
Deny from all
AuthType Basic
AuthUserFile /home/somesite/.htpasswd
AuthName "No entry, unless"
Require Valid-user
Allow from x.x.x.x
Allow from x.x.x.x
Satisfy Any

I allowed entry without password from two different ip, and the rest must enter password to enter.

Solution 4:

Apache 2.4 compatible:

AuthType Basic
AuthUserFile /www/.htpasswd
AuthName "Protected Area"

<RequireAny>
    Require ip 1.2.3.4
    Require valid-user
</RequireAny>

See the migration guide Upgrading to 2.4 from 2.2 for more examples.

Related

Recent Posts

org.apache.kafka.common.errors.TimeoutException: Topic not present in metadata after 60000 ms

Why my code runs infinite time when i entered non integer type in c++ [duplicate]

How to retrieve Instagram username from User ID?

Serverless Framework - Variables resolution error

How do we access a file in github repo inside our azure databricks notebook