tags:

views:

675

answers:

1
Q: 

How do you restrict access to certain paths using Lighttpd?

I would like to restrict access to my /admin URL to internal IP addresses only. Anyone on the open Internet should not be able to login to my web site. Since I'm using Lighttpd my first thought was to use mod_rewrite to redirect any outside request for the /admin URL back to my home page, but I don't know much about Lighty and the docs don't say much about detecting a 192.168.0.0 IP range. :/ Can anyone help me with this pretty simple request?

Thanx!
  Richard
+1  A: 

Try this:

$HTTP["remoteip"] == "192.168.0.0/16" {
    /* your rules here */
}

Example from the docs:

  # deny the access to www.example.org to all user which 
  # are not in the 10.0.0.0/8 network
  $HTTP["host"] == "www.example.org" {
    $HTTP["remoteip"] != "10.0.0.0/8" {
     url.access-deny = ( "" )
    }
  }
Endlessdeath  2008-12-13 08:16:22
How would I restrict just a single path (i.e. /admin) with this structure?
RNHurt  2008-12-16 15:55:57
$HTTP["host"] == "www.example.org" { $HTTP["remoteip"] != "10.0.0.0/8" { $HTTP["url"] =~ "^/admin/" { url.access-deny = ( "" ) } } }
Endlessdeath  2008-12-19 19:59:30

related questions

How to use apache's mod_rewrite rewriterule without changing relative paths
Do you have to restart apache to make re-write rules in the .htaccess take effect?
Apache Redirect only when entering a password
Apache mod_rewrite RewriteRule question
Apache Mod-Rewrite Primers?
apache mod_rewrite one rule for any number of possibilities
Getting IIS6 to play nice with WordPress Pretty Permalinks
How do I use mod_rewrite to change the path and filename of a URL
Mod-rewrites on apache: change all URLs
What are the bare basics you put down when you start a new PHP project?
How to rewrite an URL on a JBoss server?
.htaccess mod rewrite 301-redirect
How to make a web app appear at the root of the site?
How do I use .htaccess to redirect to a URL containing HTTP_HOST?
Using Apache mod_rewrite to remove sub-directories from URL
mod_rewrite equivalent for IIS 7.0
Apache rewrite based on subdomain
Apache - how do I build individual and/or all modules as shared modules
Any negative impacts when using Mod-Rewrite?
mod_rewrite rule to redirect all requests except for one specific path
mod_rewrite to alias one file suffix type to another
Mod-Rewrite loading files behind the DocumentRoot
Using mod_rewrite to Mimic SSL Virtual Hosts?
Block user access to internals of a site using HTTP_REFERER
.htaccess directives to *not* redirect certain URLs