views:

114

answers:

0

found answer, see end of the post

How do you restrict access to a file by IP, when you are hosted in a cluster/cloud environment (Rackspace Cloud, to be more specific). Yesterday, I asked a similar question here, and received the following answer, which worked great (thank you) in my local test environment.

<Files test.html>
    Order allow,deny
    Deny from all
    Allow from 123.123.123.123
</Files>

However, what I've came to find out w/ Rackspace Cloud is that by the time a visitor hits a page (or as far as .htaccess is concerned w/), the IP would have already changed.

I discovered this as I was testing the .htaccess directive, where my true IP would not give me access, but the site's own hosting IP works.

With some other tests, I also finds out that in their cloud environment, a visitor's IP is reported through "HTTP_X_FORWARDED_FOR" instead of "REMOTE_ADDR."

Does anyone have a good workaround w/ this? Is there a directive in .htaccess that I can change the IP .htaccess looks for?

(yes, I'm going to post this same question to Rackspace.)


answer added

so after few hours of head scratching w/ their online support, the directive to use, at least with Rackspace Cloud is this:

<Files filename.htm>
SetEnvIf X-Cluster-Client-Ip 000.000.000.000 allowclient
SetEnvIf X-FORWARDED-FOR 000.000.000.000 allowclient
order deny,allow
deny from all
allow from env=allowclient
</Files>

depending on if you have are behind a SSL-cluster or not, you'll use either "X-Cluster-Client-Ip"(non-SSL) or "X-FORWARDED-FOR" (SSL) directive to match up your ip.