Allowing users in from an IP address without certificate client authentication
Posted
by
John
on Server Fault
See other posts from Server Fault
or by John
Published on 2012-07-27T14:42:24Z
Indexed on
2012/08/31
15:42 UTC
Read the original article
Hit count: 224
I need to allow access to my site without SSL certificates from my office network and with SSL certificates outside.
Here is my configuration:
<Directory /srv/www>
AllowOverride All
Order deny,allow
Deny from all
# office network static IP
Allow from xxx.xxx.xxx.xxx
SSLVerifyClient require
SSLOptions +FakeBasicAuth
AuthName "My secure area"
AuthType Basic
AuthUserFile /etc/httpd/ssl/index
Require valid-user
Satisfy Any
</Directory>
When I'm inside network and have certificate - I can access. When I'm inside network and haven't certificate - I can't access, it requires certificate.
When I'm outside network and have certificate - I can't access, it shows me basic login screen When I'm outside network and haven't certificate - I can't access, it shows me basic login screen
and following configuration works perfectly
<Directory /srv/www>
AllowOverride All
Order deny,allow
Deny from all
Allow from xxx.xxx.xxx.xxx
AuthUserFile /srv/www/htpasswd
AuthName "Restricted Access"
AuthType Basic
Require valid-user
Satisfy Any
</Directory>
© Server Fault or respective owner