apache2.4 .htaccess 限定ip address 存取特定url
紀錄一下
$ more .htaccess.prod <IfModule mod_rewrite.c> RewriteEngine on RewriteRule ^$ public/ [L] RewriteRule (.*) public/$1 [L] </IfModule> #指定那些頁面要受限(!noauth), 其他的都是 noauth SetEnvIf Request_URI .* noauth SetEnvIf Request_URI "/data/search" !noauth SetEnvIf Request_URI "/data/new" !noauth SetEnvIf Request_URI "/data/create" !noauth SetEnvIf Request_URI "/data/delete" !noauth SetEnvIf Request_URI "/data/toggleenable" !noauth SetEnvIf Request_URI "/data/toggleforceupdate" !noauth <RequireAny> AuthType Basic AuthName "Restricted Content" #非限定 ip address的就做 basic auth, 對應 password file 路徑 AuthUserFile /var/opt/www/path/.htpasswd Require ip ALLOW_IP_1 Require ip ALLOW_IP_2 Require env noauth Require valid-user </RequireAny>