combine basic auth and ip whitelisting

Antonio P.P. Almeida appa at perusio.net
Fri Apr 13 07:39:57 UTC 2012


> Hi,
>
> I have set up Apache for an existing site to use either ip whitelisting
> or basic authentication. If the user's IP is not on the IP whitelist, it
> asks him for a password. My htaccess file looks something like this:
>
> ---------------
> Order deny,allow
> Deny from all
> AuthName "Restricted Area"
> AuthUserFile /path/to/passwords
> AuthType Basic
> Require valid-user
> Allow from 123.456.789.10
> Allow from 123.456.789.11
> Satisfy Any
> ---------------

> Is it possible to do something like this with Nginx?

auth_basic "Restricted Area"; # realm
auth_basic_user_file /path/to/passwords;


allow 123.456.789.10;
allow 123.456.789.11;
deny all;

satisfy any;


--appa



More information about the nginx mailing list