views:

2797

answers:

1

Hi guys!

I want to restrict an entire site in such a way that just two IPs could enter the site. I have the following in my .htaccess (at the root of site):

ErrorDocument 403 http://www.example.com/views/error403.html

Order Deny,Allow
Deny from all
Allow from 311.311.311 322.322.322.322

ErrorDocument 404 /views/error404.html
ErrorDocument 500 views/error500.html

(Obviously, these are fake IPs, in my .htaccess they are the right IPs)

As you can see, I allow just 322.322.322.322 and all IPs from 311.311.311.0/24, and deny for the rest of people. What I want is that when anybody enter the site from another IP, he'll view the error403.html page.

The filter is working fine, but not the redirection. When I try to enter the site from a deny IP, I see an Apache message:

Found
The document has moved here

Where "here" is a link to error403.html.

I think I'm restricting even the error403.html page.

How can I do this restriction, but allowing the view of the error page? Should I move error403.html page to another directory (i.e., /views/error/ ) and put other .htaccess in it, allowing in that file all the IPs?

Thank you in advance!

+3  A: 

Yes, you have answered your own question. :) Move all non-protected pages into another directory with its own .htaccess containing the proper Allow and Deny.

Cheers, V.

vladr
I was wondering if would exist another pretier form to resolving this issue, but you've confirm my suspicion; I'll do it with another directory-htaccess pair.Thank you Vlad!
ARemesal
You can always do this from httpd.conf with fancier rules as to which directories are affected and which are not, but frankly it's not worth it unless you are havng performance issues with the use of .htaccess (which you won't unless you serve hundreds or thousands of requests per second.)
vladr
And this site is hosted in a shared machine where I can't change httpd.conf, so the solution with .htaccess is perfect for this.
ARemesal