Restricting Access To One Folder On Webserver

I have Apache webserver running on my personal computer so I can do testing locally (before embarrassing myself on the internet).  I am also networked locally to other computers in my home.  For reasons I won’t go into, I want to allow the other computers on my intranet access to one of my folders (but not all) on my webserver.  Maybe you have a test folder that you don’t want people at work to see (think ‘your boss might freak to see unfinished work’)?  This’ll work perfectly for that.

I thought at first that this was a job for .htaccess (and maybe that is one way to do it), but that’s not what I ended up modifying.  After a little research I discovered this could be done very easily by modifying Apache’s httpd.conf file.

If you’re looking to do something similar, try adding the following to the end of your Apache httpd.conf file (NOTE:  Do not add my comments as denoted here by #):

<LocationMatch "/">
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</LocationMatch>

# First thing we do is restrict everyone from our webserver except our own computer
# What folder do you want this rule to apply to?  We want this rule to apply to the root folder – denoted by /
# Who do we want this rule to apply to? We want this to apply to everyone – Deny from all
# We still want to have access from our own computer, right? Yup – Allow from 127.0.0.1 – that’s your computer

<LocationMatch "/folder_name_that_you_want_to_allow_access_to/">
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from 192.168.0
</LocationMatch>

# Now we list the folder we want this rule to apply to, deny access to all (always done first for security), then allow our computer access and other computers on our intranet
# What folder do you want this rule to apply to? We want this rule to apply to a specific folder – put the name of that folder in place of folder_name_that_you_want_to_allow_access_to
# Who do we want this rule to apply to? We want this to apply to everyone – Deny from all
# We still want to have access from our own computer, right? Yup – Allow from 127.0.0.1 – that’s your computer
# What other computers do we want to have access? On my intranet we’re using 192.168.0.X range (your intranet may use a different range), so we allow from 192.168.0 (it’s not a typo leaving the last period and number off here)

That’s all there is to it.  Of course, I’m assuming you have your webserver set up correctly, have pages that display properly, and the correct firewall settings.  Note:  You should check to see if your pages are displaying properly on your intranet before modifying your httpd.conf file.  Also, backing up the file before modifying it is a really smart thing to do.

Oh, almost forgot, if you serve pages to the internet, you need to add your proxy (ip address of your internet gateway) to your allows where appropriate (if different from your intranet ip range).

Note: If you copy the examples above, be sure the quotes are plain quotes (they should be) or the filter may not work.

This entry was posted in Computer Stuff and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Enter Captcha Here : *

Reload Image