Using Htaccess To Password Protect A Folder But Allowing Certain IPs Without A Password

I have setup FeedOnFeeds for aggregating various RSS feed I'm subscribed to. While not the prettiest, it is a decent piece of software which allows me check all my feeds in one place, and can be checked from any web enabled device. However there is no inbuilt authentication, so I have been protecting it with a htaccess file. Firefox can save the password, but having the password box pop-up every time I open my browser was getting annoying, so I decided to make life slightly easier for myself :) I access the Internet primarily from three ip addresses so it was easy to convince Apache to trust those. The .htaccess file for my FeedOnFeeds folder is now:
AuthUserFile /path/to/htpasswd
AuthName "FeedOnFeeds"
Authtype Basic
require valid-user
order deny,allow
deny from all
allow from
allow from
allow from localhost
Satisfy Any
Some info has been changed, enter valid ips and a proper path to the htpasswd file. When I go to my FeedOnFeeds folder now, Apache will check to see if I'm coming from an allowed ip address. If I am, it will allow me straight in unmolested. If I am coming from an unknown ip address, it will ask for a username and password, and check it against /path/to/htpasswd. Once I enter the right username and password, I will be allowed in. For FeedOnFeeds, the "allow from localhost" line is important. You tell FeedOnFeeds to check the rss feeds you are subscribed to by calling "/usr/bin/GET http:/" from cron on a regular basis. Without the "allow from localhost" line, you have to give GET a valid username and password. The net result of this, is that now I only get asked for a username and password when I'm out and about, which makes me a little less cranky :)

About this Entry

This page contains a single entry by Niall Donegan published on March 14, 2007 11:00 PM.

Godfather Pizza Unable To Respond To Customer Feedback was the previous entry in this blog.

SEC Taking Action Against Companies Benefiting From Spam is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.


OpenID accepted here Learn more about OpenID
Creative Commons License
This blog is licensed under a Creative Commons License.
Powered by Movable Type 5.02