combine basic auth and ip whitelisting

Maxim Dounin mdounin at mdounin.ru
Thu Apr 12 21:48:09 UTC 2012


Hello!

On Thu, Apr 12, 2012 at 05:39:42PM -0400, jaynyc wrote:

> Hi,
> 
> I have set up Apache for an existing site to use either ip whitelisting
> or basic authentication. If the user's IP is not on the IP whitelist, it
> asks him for a password. My htaccess file looks something like this:
> 
> ---------------
> Order deny,allow
> Deny from all
> AuthName "Restricted Area"
> AuthUserFile /path/to/passwords
> AuthType Basic
> Require valid-user
> Allow from 123.456.789.10
> Allow from 123.456.789.11
> Satisfy Any
> ---------------
> 
> Is it possible to do something like this with Nginx?

http://nginx.org/r/satisfy

location / {
    satisfy any;

    allow 192.168.1.0/32;
    deny  all;

    auth_basic           "closed site";
    auth_basic_user_file conf/htpasswd;
}

Maxim Dounin



More information about the nginx mailing list