1

I have a secure site (.htaccess = Deny from all) that I want to allow certain people access to

However, they are using mobile laptops and have dynamics IPs allocated to them by the ISP

So, I downloaded no-ip client which should give them a host which can resolve to an IP.

However, when I put

Allow from xxx.no-ip.org

in the .htaccess file, I still get the forbidden page.

I have other fixed IP locations allowed - and working - and I have tested that xxx.no-ip.org resolves to the IP I want by using http://www.webyield.net/ipa.php.

Any ideas what I am doing wrong here?

Improve this question
1
  • as duskwuff pointed, no-ip does not help as client domain name is not used in the HTTP, and there's no way for your server to know it (except for reverse DNS which is not applicable to dynamic IPs). Commented Aug 6, 2012 at 8:38

2 Answers 2

Reset to default
3

Apache Allow and Deny rules use wildcards (e.g, Allow from *.example.com), and as such work on reverse DNS. Your users' IP addresses are not reversing to the no-ip.org address (they're probably resolving to something specific to the ISP), so Apache is denying them access.

You'd probably do best to just give them all usernames and passwords, and use HTTP authentication (via mod_authz_user or similar) to grant them access.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

This can be achieved by using a script (modify to suit your needs):

#!/bin/bash # Dynamic IP .htaccess file generator # Written by Star Dot Hosting # www.stardothosting.com dynDomain="$1" htaccessLoc="$2" dynIP=$(/usr/bin/dig +short $dynDomain) echo "dynip: $dynIP" # verify dynIP resembles an IP if ! echo -n $dynIP | grep -Eq "[0-9.]+"; then exit 1 fi # if dynIP has changed if ! cat $htaccessLoc | /bin/grep -q "$dynIP"; then # grab the old IP oldIP=`cat /usr/local/bin/htold-ip.txt` # output .htaccess file echo "order deny,allow" > $htaccessLoc 2>&1 echo "allow from $dynIP" >> $htaccessLoc 2>&1 echo "allow from x.x.x.x" >> $htaccessLoc 2>&1 echo "deny from all" >> $htaccessLoc 2>&1 # save the new ip to remove next time it changes, overwriting previous old IP echo $dynIP > /usr/local/bin/htold-ip.txt fi

Than just cron it to generate a new line on the .htaccess file:

*/15 * * * * /bin/sh /usr/local/bin/.sh yourhostname.no-ip.org /var/www/folder/.htaccess > /dev/null 2>&1

Source: https://www.stardothosting.com

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.