htaccess密码保护但不在localhost上

时间:2022-09-16 23:01:34

I have set up a dev site and want to password protect it so only validated visitors can view the site. All well and good. I am getting annoyed, on my local version, entering my username and password. So, without changing the htaccess file between my local copy and the one on the dev site, how do I password protect the site but allow myself access without having to enter my username and password?

我已经设置了一个开发站点,并希望对其进行密码保护,因此只有经过验证的访问者才能查看该站点。一切都很好。我在我的本地版本上输入我的用户名和密码时感到恼火。因此,如果不更改我的本地副本和开发站点上的htaccess文件,我如何密码保护站点但允许自己访问而无需输入我的用户名和密码?

6 个解决方案

#1


15  

Something like this should do the trick..

像这样的东西应该做的伎俩..

Require valid-user
Allow from 127.0.0.1
Satisfy Any

From: http://httpd.apache.org/docs/2.0/mod/core.html#satisfy

来自:http://httpd.apache.org/docs/2.0/mod/core.html#satisfy

#2


4  

I've figured out a cool way to seperate Linux from Windows password files (because I develop in windows and then release to a linux production server).

我已经找到了一种从Windows密码文件中分离Linux的一种很酷的方式(因为我在Windows中开发然后发布到Linux生产服务器)。

I just wrote a php script with phpinfo(); on our local and prod server and found the apache module 'mod_win32' to seperate the two of them.

我刚刚用phpinfo()写了一个php脚本;在我们的本地和prod服务器上,找到了apache模块'mod_win32'来分隔它们中的两个。

<IfModule mod_win32.c>
    AuthUserFile C:\xampplite\your\windows\path.passwd
</IfModule>
<IfModule !mod_win32.c>
    AuthUserFile "/your/linux/path/.passwd"
</IfModule>
AuthName "Please Login"

RewriteEngine On
AuthType Basic
Require valid-user

#3


1  

Presuming that you are fine entering the password on the dev site - put the auth directives in a VirtualHost on the dev site rather than in the .htaccess file - this way your auth is processed at a server level rather than a directory level.

假设您可以在开发站点上输入密码 - 将auth指令放在开发站点而不是.htaccess文件中的VirtualHost中 - 这样您的auth将在服务器级别而不是目录级别进行处理。

Also, most modern browsers will probably save your password for you :)

此外,大多数现代浏览器可能会为您保存密码:)

#4


0  

As discussed here you could use allow from to allow access from a specific host.

如此处所述,您可以使用allow from来允许来自特定主机的访问。

#5


0  

Since Apache 2.4 you can also surround your password protection by checking against the HTTP_HOST environment variable like this:

从Apache 2.4开始,您还可以通过检查HTTP_HOST环境变量来保护您的密码保护,如下所示:

<If "%{HTTP_HOST} != 'localhost'">
    # Your password protection code
</If>

See also the answer from Mark Fox to the question about accessing the environment variables.

另请参阅Mark Fox关于访问环境变量的问题的答案。

#6


0  

Example for Windows:

Windows示例:

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile C:/Apache24/htdocs/.htpasswd
Require valid-user
Order allow,deny
Allow from localhost
Allow from 127.0.0.1
Satisfy Any

#1


15  

Something like this should do the trick..

像这样的东西应该做的伎俩..

Require valid-user
Allow from 127.0.0.1
Satisfy Any

From: http://httpd.apache.org/docs/2.0/mod/core.html#satisfy

来自:http://httpd.apache.org/docs/2.0/mod/core.html#satisfy

#2


4  

I've figured out a cool way to seperate Linux from Windows password files (because I develop in windows and then release to a linux production server).

我已经找到了一种从Windows密码文件中分离Linux的一种很酷的方式(因为我在Windows中开发然后发布到Linux生产服务器)。

I just wrote a php script with phpinfo(); on our local and prod server and found the apache module 'mod_win32' to seperate the two of them.

我刚刚用phpinfo()写了一个php脚本;在我们的本地和prod服务器上,找到了apache模块'mod_win32'来分隔它们中的两个。

<IfModule mod_win32.c>
    AuthUserFile C:\xampplite\your\windows\path.passwd
</IfModule>
<IfModule !mod_win32.c>
    AuthUserFile "/your/linux/path/.passwd"
</IfModule>
AuthName "Please Login"

RewriteEngine On
AuthType Basic
Require valid-user

#3


1  

Presuming that you are fine entering the password on the dev site - put the auth directives in a VirtualHost on the dev site rather than in the .htaccess file - this way your auth is processed at a server level rather than a directory level.

假设您可以在开发站点上输入密码 - 将auth指令放在开发站点而不是.htaccess文件中的VirtualHost中 - 这样您的auth将在服务器级别而不是目录级别进行处理。

Also, most modern browsers will probably save your password for you :)

此外,大多数现代浏览器可能会为您保存密码:)

#4


0  

As discussed here you could use allow from to allow access from a specific host.

如此处所述,您可以使用allow from来允许来自特定主机的访问。

#5


0  

Since Apache 2.4 you can also surround your password protection by checking against the HTTP_HOST environment variable like this:

从Apache 2.4开始,您还可以通过检查HTTP_HOST环境变量来保护您的密码保护,如下所示:

<If "%{HTTP_HOST} != 'localhost'">
    # Your password protection code
</If>

See also the answer from Mark Fox to the question about accessing the environment variables.

另请参阅Mark Fox关于访问环境变量的问题的答案。

#6


0  

Example for Windows:

Windows示例:

AuthType Basic
AuthName "Password Protected Area"
AuthUserFile C:/Apache24/htdocs/.htpasswd
Require valid-user
Order allow,deny
Allow from localhost
Allow from 127.0.0.1
Satisfy Any