How should I separate public and private pages on my webserver?
OK, so you want to restrict access to private
projects by IP address, and you have the following directory structure:
DocumentRoot
is/var/www
- public projects are under
/var/www/public
- private projects are under
/var/www/private
So, in your Apache configuration file (httpd.conf
) add a <Directory>
directive like:
<Directory /var/www/private>
Order deny,allow
Deny from all
Allow from 10.0.0.0/24
</Directory>
and everything under that directory will only be accessible if you're coming from the allowed network(s). (There are other ways to specify the Allow
ed hosts too).
My domain is
www.example.com
.
I want to reach/var/www/html/public/publicproj1
aswww.example.com/publicproj1
and/var/www/html/private/privateproj1
aswww.example.com/privateproj1
This is a bit harder. You're going to need rewrite rules or an Alias
directive for each project. As you noted that's not an ideal situation, so let's look at some other options.
Configured as I described above with the directory structure you have you'll be able to access the directories as www.example.com/public/proj1
and www.example.com/private/proj1
out of the box.
If that works for you you're done.
If that's not a good enough solution, consider moving your public projects so they're directly under /var/www/html
-- your public projects would then be accessible as www.example.com/publicproj1
, and your private projects would be accessible with the /private/
bit added in. (Presumably you don't care so much about a little ugly in the URL of a "private" project, and this avoids the need to do any Alias
ing for your public stuff).
Regarding the starting page, you can show content of startingpage
folder if www.example.com
is requested with the following rules:
RewriteEngine On
# Don't apply to URLs that go to existing files or folders.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Only apply to URLs that aren't already under folder.
RewriteCond %{REQUEST_URI} !^/startingpage/
RewriteRule ^(.*)$ /startingpage/$1
Related videos on Youtube
kissgyorgy
Updated on September 18, 2022Comments
-
kissgyorgy over 1 year
What I want to achieve
I have public and private sites on my webserver, and I would like to somehow separate them, but I want this separation to be invisible.
So for example DocumentRoot is/var/www
public projects are under/var/www/public
, private projects are under/var/www/private
.
If domain iswww.example.com
and I want to reachpublic/publicproj1
the URL would bewww.example.com/publicproj1
. Also if I wantprivate/privateproj1
the URL would bewww.example.com/privateproj1
.
I want to restrict/var/www/private
only to local network, butpublic
should be accessible from anywhere.Ther are a ton of projects under
private
, I don't want to make new settings inapache.conf
every time I put something there.Also I want
/var/www/public/startingpage
to be served if nothing else is requested, sowww.example.com
would show this page.
What I tried so far:
1.) made DocumentRoot to/var/www
put public projects under it and a Rewrite Rule to theprivate
folder like this:RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ private/$1 [QSA]
This doesn't work, because there are more .htaccess files on the folders under private folder. (for example applications with front controller, forums, etc. which need their own .htaccess)
2.) made DocumentRoot to
/var/www/private
, but then public projects doesn't get served. (Can I make two Document roots with different Access options ?) I made entries likeAlias /publicproj1 /var/www/publicproj1
but I have Redmine installed with this settings:RewriteEngine On RewriteRule ^/$ /redmine [R] <Directory /home/www/redmine> RailsBaseURI /redmine PassengerResolveSymlinksInDocumentRoot on </Directory>
which I can't replace with a simple
Alias
entry (or can I ?)My questions
What folder structure should I create ? What redirect rules should I make ? How can I set/var/www/startingpage
to show up when nothing else is requested ? -
kissgyorgy over 11 yearsdid you read my question ? I don't want to deal with passwords. I want to restrict based on IP address...
-
kissgyorgy over 11 yearsgood answer, but I did this too and I don't want to have
/private/
in the URL.Could you tell me what rewrite rules should I use to redirect everything what is in private but not in root ? -
voretaq7 over 11 years@Walkman not specifically, because the rewrite rule would be particular to your environment. However you may find Everything you ever wanted to know about mod_rewrite rules but were afraid to ask helpful...