I am trying to configure an .htaccess file with the following requirements:
Block access to all files/folder by default
Make /myfolder/ accessible to everyone
Allow a specific IP to access everything
This is what I have tried
Order Deny,Allow
Deny from all
Allow from x.x.x.x
<FilesMatch "^my-folder(.*)$">
Allow from all
</FilesMatch>
my apache.conf
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/example/example.jp/
ProxyRequests off
ProxyPreserveHost on
<Directory /var/www/example/example.jp/>
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
ProxyPass /ws !
alias /ws /var/www/example/example.jp/ws
<Directory /var/www/example/example.jp/ws>
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
</VirtualHost>
myfolder exists inside ws.
problem is everything is being blocked.
Is there any issues in this config? Please help.
Edit: Below solution worked for me. I was using reverse proxy so I had to use
SetEnvIf X-Forwarded-For "^myip" ALLOWED_IP
Your Apache config looks fine.
In your site root .htaccess you can use auth directives like this:
SetEnvIf Request_URI "^/my-folder/" ALLOWED
Satisfy any
Order deny,allow
Deny from all
Allow from env=ALLOWED