[opensuse] apache rewrite - howto allow http from local lan but require https from outside?
Listmates, A question for our web gurus (Per you listening). I have content on my server, separated into directories, that is protected by basic authorization. Nothing sensitive, kids pictures, etc. set up for family to view/download. Any time a password is required from a remote host, I force a https rewrite. However, I would like to allow access from the local lan with simple http. How do I accomplish this? If it were bash, the logic flow would be: if [ local lan access ]; then allow http access else force https rewrite fi We have both the <Directory> definitions and .htaccess files to work with. mod_rewrite is loaded and working. Anybody familiar with doing this in apache? I'll keep digging through the manual, but if anyone could narrow my search, I would greatly appreciate it. -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David C. Rankin escribió:
How do I accomplish this? If it were bash, the logic flow would be:
see this http://www.modssl.org/docs/2.8/ssl_howto.html#auth-intranet you need to adapt it to your actual setup, though. -- "Progress is possible only if we train ourselves to think about programs without thinking of them as pieces of executable code.” - Edsger W. Dijkstra Cristian Rodríguez R. Platform/OpenSUSE - Core Services SUSE LINUX Products GmbH Research & Development http://www.opensuse.org/
David C. Rankin wrote:
Listmates,
A question for our web gurus (Per you listening). I have content on my server, separated into directories, that is protected by basic authorization. Nothing sensitive, kids pictures, etc. set up for family to view/download. Any time a password is required from a remote host, I force a https rewrite. However, I would like to allow access from the local lan with simple http.
How do I accomplish this? If it were bash, the logic flow would be:
if [ local lan access ]; then
allow http access
else
force https rewrite
fi
Hi David I think it's fairly straight forward - just add a RewriteCond: RewriteCond %{REMOTE_ADDR} ^192\.168\. (assuming your local network is 192.168.0.0). /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Hi David
I think it's fairly straight forward - just add a RewriteCond:
RewriteCond %{REMOTE_ADDR} ^192\.168\.
(assuming your local network is 192.168.0.0).
That should have been RewriteCond %{REMOTE_ADDR} !^192\.168\. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Per Jessen wrote:
Hi David
I think it's fairly straight forward - just add a RewriteCond:
RewriteCond %{REMOTE_ADDR} ^192\.168\.
(assuming your local network is 192.168.0.0).
That should have been
RewriteCond %{REMOTE_ADDR} !^192\.168\.
/Per Jessen, Zürich
Thanks Christian, Per, You guys are both geniuses. Worked like a charm: <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REMOTE_ADDR} !^192\.168\.6\. RewriteCond %{HTTPS} !=on RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L] </IfModule> -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Cristian Rodríguez -
David C. Rankin -
Per Jessen