How to place additional access-restrictions on a subdirectory in Apache?
- by Mikhail T.
We have a list of "internal" IP-addresses and only allow access to the server (Location /) from that list:
<Location />
Require ip x.x.x.x
Require ip y.y.y.y
</Location>
I need to further restrict access to a sub-directory (Location /foo) to authenticated users (Require valid-user).
Whatever I do, I never get prompted for login to access /foo -- Apache simply grants me access, because my IP-address is on the list (for Location /).
I cycled through all three different values of AuthMerging (off, and, or) to no avail... Must be something really stupid :-/ Using httpd-2.4.6. Thank you!