0

Is it possible to allow access to specific URLs only to certain networks? Basically, I would like to restrict access to the admin area only to the local network This area's pages are prefixed by /admin Essentially, I would like all /admin/* to be forbidden from public access.

Can apache handle such a case?

Thanks

UPDATE

Using your suggestions I came up to

 <LocationMatch admin> Order allow,deny deny from all Allow From 192.168.11.0/255.255.255.0 </LocationMatch>

However, I get 403 even though I am on the network.

Additionally, if I put apache behind haproxy, is this going to work? Because the traffic will be coming from 127.0.0.1 to apache

UPDATE 1

Correct directive is as follows

 <LocationMatch admin> Order deny,allow deny from all Allow From 192.168.11 </LocationMatch>

However, the problem with the proxy in front of apache is not handled by the above Is there any way to overcome it?

Improve this question
4
  • As documented, the above is not valid. Use ip.pre.fix instead. You also don't need to use LocationMatch here. Commented Oct 27, 2013 at 19:06
  • Feeling a bit stupid here. Based on the docs this is valid notation. What do you mean by ip prefix? Commented Oct 27, 2013 at 21:05
  • Oh, it is valid. just use 192.168.11.0/24 then. But that is identical to 192.168.11 Commented Oct 27, 2013 at 21:35
  • Tried with 192.168.11 as well, but with no luck Commented Oct 28, 2013 at 16:41

1 Answer 1

Reset to default
1

As documented in http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html, this is trivially done inside a Directory container as follows:

<Directory /your/document/root/admin> Order allow,deny allow from your.internal.network deny from all </Directory>
Improve this answer
3
  • The problem is that there is no admin directory. All urls are handled by the MVC framework with a front controller. Commented Oct 27, 2013 at 17:37
  • Try <Location> instead? httpd.apache.org/docs/2.2/mod/core.html#location Commented Oct 27, 2013 at 17:50
  • Please check my updated question Commented Oct 27, 2013 at 18:49

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.