Created
April 23, 2020 17:05
-
-
Save cuonghuynh/2b4776743d4d20272ec343916d6a1d30 to your computer and use it in GitHub Desktop.
Combine Apache's HTTP authentication with X-Forwarded-For IP whitelisting in a reverse proxy Loadbalancer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Require all denied | |
| AuthName "Restricted Area" | |
| AuthType Basic | |
| AuthBasicProvider file | |
| AuthUserFile /path/to/your/.htpasswd | |
| Require valid-user | |
| # Normal whitelist would just add Allow directives | |
| Require ip 12.34.56.7 | |
| Require ip 12.34.56.8 | |
| # Allow from an IP in the X-Forwarded-For header | |
| SetEnvIF X-Forwarded-For "12.34.56.7" AllowIP | |
| SetEnvIF X-Forwarded-For "12.34.56.8" AllowIP | |
| Require env AllowIP | |
| # ... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment