We need to be able to have one of our client sites viewable by only a specific range of IP addresses.[nbsp][nbsp]Does anyone know how to do this? Please help!

Thanks

Yes, you can use an .htaccess file to do this. Let me find the code for you to use. I will post it in a few minutes.

If you have an .htaccess file in your (/big/dom/xdomain/www/) directory add the folowing code, with (xxx.xxx.xxx.) being your ip range. If its a whole block leave off the last set of digits and put the "." at the end. If you dont have a .htaccess open up a text editor and put that in it then save it as .htaccess and upload it. Also make sure it is named .htaccess .


<Limit GET POST>
order allow,deny
deny from all
allow from xxx.xxx.xxx.
</Limit>


For more information visit: http://www.apache.org/docs/
[This message has been edited by elite (edited 01-27-00@4:26 pm)]

Great - thank you so much![nbsp][nbsp]One more question.. i'm assuming this is ok, but want to make sure.[nbsp][nbsp]The site is actually a sub directory within the www/ directory, with the domain pointing to the sub directory.[nbsp][nbsp]
As long as the .htaccess file is in the sub directory, it won't affect the main /www/ directory will it? Or to be safe should we put the site on it's own account?

thank you!

You are correct - it will not affect the main domain's access at all, just whatever is in the directory containing the .htaccess file :)

Hope this helps.

------------------
Justin Nelson
FutureQuest Support

I think this is related so I'll ask it here.

What if I wanted to filter .co.uk (united kingdom users) such that when someone was coming from that domain I gave them additional (or different) (or less let's say) content from a perl .cgi script.[nbsp][nbsp]In my content producing script how would I read a user's domain and filter it?

Justin, I have another questions about this.[nbsp][nbsp]We received all the IP addresses they want to allow.[nbsp][nbsp]There are like 100 of them!! Can I add multiple addresses to the .htaccess file?[nbsp][nbsp]

They sent them like this:
128.94[nbsp][nbsp][nbsp][nbsp] Lucent[nbsp][nbsp][nbsp][nbsp][nbsp][nbsp][nbsp][nbsp][nbsp][nbsp]
130.143[nbsp][nbsp][nbsp][nbsp]Philips[nbsp][nbsp][nbsp][nbsp][nbsp][nbsp][nbsp][nbsp]
135.1[nbsp][nbsp][nbsp][nbsp][nbsp][nbsp]Lucent
135.2[nbsp][nbsp][nbsp][nbsp][nbsp][nbsp]Lucent
...there are many more...

Can you suggest how to handle this?
thanks!

Could you use a password scheme instead? Or you can list them like:


<Limit GET POST>
order allow,deny
deny from all
allow from IP 1
allow from IP 2
allow from IP 3
</Limit>


I also think you can make a file of &quot;allowed&quot; ip's to make this easier. I will look into this, for now the above should work, but of course test it :)
[This message has been edited by elite (edited 01-31-00@4:57 pm)]

No, we tried pushing that, but they don't like that idea..[nbsp][nbsp]It's for Lucent so it would involve setting up ALL their employee passwords on our server.[nbsp][nbsp]Too much trouble, and they don't want to use one global password.[nbsp][nbsp]
It's got to be the IP filter thing according to them.[nbsp][nbsp]Any ideas on setting it up for multiple addresses?

The code I placed above should take care of it. Just supstitute &quot;IP 1&quot; &quot;IP 2&quot; etc with the ip's.

Then test it out of course :)

icrank: By default, the FQ servers don't perform any sort of reverse DNS lookup.[nbsp][nbsp]You would need to implement some sort of CGI or PHP script which would force a reverse DNS lookup for every IP accessing, then filter certain hostnames to certain parts of the site...

Thanks for the code - i'll try it out.

However, you lost me on the reverse DNS look up bit.[nbsp][nbsp]Will it still work if I don't create some script that you are talking about?[nbsp][nbsp]What will happen if we don't?[nbsp][nbsp](sorry, but i'm not even sure what you mean about the reverse DNS)

thanks

Three,

He was reffering to icrank's post.


I think this is related so I'll ask it here.

What if I wanted to filter .co.uk (united kingdom users) such that when someone was coming from that domain I gave them additional (or different) (or less let's say) content from a perl .cgi script.[nbsp][nbsp]In my content producing script how would I read a user's domain and filter it?


The solution I gave you should work, but as it’s a security related item test it to be safe :)

You also might want to recommend that you have some sort off password/username setup as an added shield of security. There are numerous programs that will let you set up a username/password from a simple form.