views:

675

answers:

1

I would like to restrict access to my /admin URL to internal IP addresses only. Anyone on the open Internet should not be able to login to my web site. Since I'm using Lighttpd my first thought was to use mod_rewrite to redirect any outside request for the /admin URL back to my home page, but I don't know much about Lighty and the docs don't say much about detecting a 192.168.0.0 IP range. :/ Can anyone help me with this pretty simple request?

Thanx!
  Richard
+1  A: 

Try this:

$HTTP["remoteip"] == "192.168.0.0/16" {
    /* your rules here */
}

Example from the docs:

  # deny the access to www.example.org to all user which 
  # are not in the 10.0.0.0/8 network
  $HTTP["host"] == "www.example.org" {
    $HTTP["remoteip"] != "10.0.0.0/8" {
     url.access-deny = ( "" )
    }
  }
Endlessdeath
How would I restrict just a single path (i.e. /admin) with this structure?
RNHurt
$HTTP["host"] == "www.example.org" { $HTTP["remoteip"] != "10.0.0.0/8" { $HTTP["url"] =~ "^/admin/" { url.access-deny = ( "" ) } } }
Endlessdeath