阿帕奇访问控制

发布于 2024-07-08 16:20:53 字数 715 浏览 6 评论 0原文

我正在尝试将 Apache 配置为允许只读访问，并要求用户在来自本地网络 (10.*) 时写入 SVN 存储库，但不允许任何访问，除非在来自外部网络时登录。

我有点了解 Order、Deny、Allow 和 Limit 指令的工作原理，但我不知道是否可能/如何将它们组合起来以达到预期的结果。

<Location /svn>
  # Set mod_dav_svn settings
  DAV svn
  SVNListParentPath on
  SVNParentPath /mnt/svn
  AuthzSVNAccessFile /mnt/svn/.authz

  # Set Authentication
  AuthType Basic
  AuthName "Auth Realm"
  AuthUserFile /mnt/svn/.htpasswd

  Order Deny,Allow
  Deny from all
  Allow from 127.0.0.1 10.0.0.0/8

  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
  Satisfy Any
</Location>

我知道这将允许对任何本地流量的所有访问，但在尝试从外部流量写入时要求登录。这很接近我想要的。非常感谢任何有关阅读内容的帮助或建议。

原文

I'm trying to configure Apache to allow read only access and ask for user to write to a SVN repository when you are coming from the local network (10.*) but not allow any access unless logged in when coming from external network.

I sort of understand how the Order, Deny, Allow, and Limit directives work but I do not know if it is possible/how to combine them to achieve the desired result.

<Location /svn>
  # Set mod_dav_svn settings
  DAV svn
  SVNListParentPath on
  SVNParentPath /mnt/svn
  AuthzSVNAccessFile /mnt/svn/.authz

  # Set Authentication
  AuthType Basic
  AuthName "Auth Realm"
  AuthUserFile /mnt/svn/.htpasswd

  Order Deny,Allow
  Deny from all
  Allow from 127.0.0.1 10.0.0.0/8

  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept>
  Satisfy Any
</Location>

I know this will allow all access to any local traffic but ask for login when trying to write from external traffic. This is close to what I want. Any help or suggestions on what to read are greatly appreciated.

分享到QQ

分享到微博