Re: [users@httpd] .htaccess allow access to one file, deny the rest.

Thu, 25 Oct 2007 08:49:36 -0700

Thanx, that got me much closer. Unfortunately that page consists of multiple files, .css, .png, .cgi so I tried using this expression in the <Files> line, but it is not allowing those files to come through. From firefox, it prompts me for the .htaccess password credentials for the other files it seems, if I cancel through them, about 5 times I eventually get the page with the data I need to pull without the images. 

<Directory /usr/local/nagios/sbin/>
   Options ExecCGI
   SSLRequireSSL
   order deny,allow
   AuthType Basic
   AuthUserFile /usr/local/nagios/etc/passwd
   AuthName "nagios"
   require valid-user
<Files ~ "\.(css|cgi|png)$">
   Order Allow,Deny
   Allow from "An IP"
</Files>
Satisfy Any
</Directory>

With this from the access_log
An IP Address5 - - [25/Oct/2007:11:42:26 -0400] "GET /nagios/cgi-bin/ tac.cgi HTTP/1.1" 200 11705 An IP Address - - [25/Oct/2007:11:42:26 -0400] "GET /nagios/ stylesheets/common.css HTTP/1.1" 401 470 An IP Address - - [25/Oct/2007:11:42:28 -0400] "GET /nagios/ stylesheets/tac.css HTTP/1.1" 401 470 An IP Address - - [25/Oct/2007:11:42:29 -0400] "GET /nagios/images/ thermcrit.png HTTP/1.1" 401 470 An IP Address - - [25/Oct/2007:11:42:29 -0400] "GET /nagios/images/ tacdisabled.png HTTP/1.1" 401 470 An IP Address - - [25/Oct/2007:11:42:29 -0400] "GET /nagios/images/ tacenabled.png HTTP/1.1" 401 470 


--Doug



On Oct 24, 2007, at 3:41 PM, Joshua Slive wrote:


On 10/24/07, Doug Hairfield <[EMAIL PROTECTED]> wrote:


Fedora Core 4/apache2.0.59
Is it possible to use an htaccess file to deny access to everything in a directory EXCEPT one particular file and allow access to that file via IP 
address?  I have a script that needs to be able to hit
http://someurl/nagios/cgi-bin/tac.cgi. I am using the following .htaccess file to restrict access to our nagios page to a passwd file but allow access to the tac.cgi file. I can't seem to find an example anywhere for what I am 
doing.


You need
Satisfy Any
See:
http://wiki.apache.org/httpd/ BypassAuthenticationOrAuthorizationRequirements 

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to