How should I separate public and private pages on my webserver?
OK, so you want to restrict access to private projects by IP address, and you have the following directory structure:
DocumentRootis/var/www
- public projects are under
/var/www/public- private projects are under
/var/www/private
So, in your Apache configuration file (httpd.conf) add a <Directory> directive like:
<Directory /var/www/private>
Order deny,allow
Deny from all
Allow from 10.0.0.0/24
</Directory>
and everything under that directory will only be accessible if you're coming from the allowed network(s). (There are other ways to specify the Allowed hosts too).
My domain is
www.example.com.
I want to reach/var/www/html/public/publicproj1aswww.example.com/publicproj1and/var/www/html/private/privateproj1aswww.example.com/privateproj1
This is a bit harder. You're going to need rewrite rules or an Alias directive for each project. As you noted that's not an ideal situation, so let's look at some other options.
Configured as I described above with the directory structure you have you'll be able to access the directories as www.example.com/public/proj1 and www.example.com/private/proj1 out of the box.
If that works for you you're done.
If that's not a good enough solution, consider moving your public projects so they're directly under /var/www/html -- your public projects would then be accessible as www.example.com/publicproj1, and your private projects would be accessible with the /private/ bit added in. (Presumably you don't care so much about a little ugly in the URL of a "private" project, and this avoids the need to do any Aliasing for your public stuff).
Regarding the starting page, you can show content of startingpage folder if www.example.com is requested with the following rules:
RewriteEngine On
# Don't apply to URLs that go to existing files or folders.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Only apply to URLs that aren't already under folder.
RewriteCond %{REQUEST_URI} !^/startingpage/
RewriteRule ^(.*)$ /startingpage/$1
Related videos on Youtube
08 : 55
17 : 14
06 : 50
01 : 29
03 : 04
kissgyorgy
Updated on September 18, 2022Comments
-
kissgyorgy over 1 year
What I want to achieve
I have public and private sites on my webserver, and I would like to somehow separate them, but I want this separation to be invisible.
So for example DocumentRoot is/var/wwwpublic projects are under/var/www/public, private projects are under/var/www/private.
If domain iswww.example.comand I want to reachpublic/publicproj1the URL would bewww.example.com/publicproj1. Also if I wantprivate/privateproj1the URL would bewww.example.com/privateproj1.
I want to restrict/var/www/privateonly to local network, butpublicshould be accessible from anywhere.Ther are a ton of projects under
private, I don't want to make new settings inapache.confevery time I put something there.Also I want
/var/www/public/startingpageto be served if nothing else is requested, sowww.example.comwould show this page.
What I tried so far:
1.) made DocumentRoot to/var/wwwput public projects under it and a Rewrite Rule to theprivatefolder like this:RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ private/$1 [QSA]This doesn't work, because there are more .htaccess files on the folders under private folder. (for example applications with front controller, forums, etc. which need their own .htaccess)
2.) made DocumentRoot to
/var/www/private, but then public projects doesn't get served. (Can I make two Document roots with different Access options ?) I made entries likeAlias /publicproj1 /var/www/publicproj1but I have Redmine installed with this settings:RewriteEngine On RewriteRule ^/$ /redmine [R] <Directory /home/www/redmine> RailsBaseURI /redmine PassengerResolveSymlinksInDocumentRoot on </Directory>which I can't replace with a simple
Aliasentry (or can I ?)My questions
What folder structure should I create ? What redirect rules should I make ? How can I set/var/www/startingpageto show up when nothing else is requested ? -
kissgyorgy over 11 yearsdid you read my question ? I don't want to deal with passwords. I want to restrict based on IP address...
-
kissgyorgy over 11 yearsgood answer, but I did this too and I don't want to have
/private/in the URL.Could you tell me what rewrite rules should I use to redirect everything what is in private but not in root ? -
voretaq7 over 11 years@Walkman not specifically, because the rewrite rule would be particular to your environment. However you may find Everything you ever wanted to know about mod_rewrite rules but were afraid to ask helpful...
