我有一个网站,即时尝试设置.htaccess/.htpasswd密码限制,但同时允许任何具有特定IP地址访问权限的用户。获取.htaccess允许指定的IP访问,但请求.htpasswd用户+密码,如果来自任何其他IP
到目前为止,我的.htaccess文件中实现了这一点,但由于某种原因,这个dosnt的工作,如果我访问该网站,无论从哪个IP地址,它允许访问,如果我注释掉order deny,allow
Allow from 192.87.22.18
线,密码保护的作品,但是从大家请求IP,即使从192.87.22.18
IP(注意 - 不是我的真实IP)访问
(我还没有发表我的原因很明显htpasswd文件,但它是1行包含1散列密码)
任何想法?
<Files ~ "^\.(htaccess|.htpasswd)$">
deny from all
</Files>
DirectoryIndex index.php
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www\.example\.example\.co\.uk)(:80)? [NC]
RewriteRule ^(.*) http://example.example.co.uk/$1 [R=301,L]
order deny,allow
<Files ~ "^\.(htaccess|.htpasswd)$">
deny from all
</Files>
AuthType Basic
AuthName "Please enter your ID and password"
AuthUserFile /var/www/vhosts/example.co.uk/subdomains/example/httpdocs/.htpasswd
AuthGroupFile /dev/null
require valid-user
order deny,allow
Allow from 192.87.22.18
# satisfy any
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^index\.php(/(.*)|$) %{CONTEXT_PREFIX}/$2 [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule .? - [L]
RewriteCond %{REQUEST_URI}::$1 ^(/.+)(.+)::\2$
RewriteRule ^(.*) - [E=BASE:%1]
RewriteRule .? %{ENV:BASE}index.php [L]
您是否在htaccess中有任何其他指令? – starkeen
@starkeen是的,但它只做php配置,所以我没有将它包含在上面,这是它是什么:'RemoveType .php \t AddHandler application/php5-fcgi php \t Action application/php5-fcgi/cgi-bin/php5fcgi.fcgi' – sam