in reply to Re: Discriminating between local and remote IP's (Apache ACLs)
in thread Discriminating between local and remote IP's

I was wondering if you could do it through Apache by <Listen>ing on both the external and internal IP then set up a virtual host for each IP address. Add Apache auth to the external host.
Listen xxx.xxx.xxx.xxx:80
Listen 192.168.xxx.xxx:80

<VirtualHost xxx.xxx.xxx.xxx:80>
    <Location />
        AuthType Basic
        ...
    </Location>
</VirtualHost>

<VirtualHost 192.168.xxx.xxx:80>
    <Location />
        #AuthType Basic
        ...
    </Location>
</VirtualHost>
(untested and refers to Apache 2.0)

Re^3: Discriminating between local and remote IP's (Apache ACLs)
by Golo (Friar) on Oct 05, 2004 at 13:23 UTC
    Using virtual hosts to bypass authentication is not really a good idea as it solely relies on the assumption that someone outside won't know the internal vhost name. And as (AFAIK) this only needs to be sent in the HTTP header it would make it very easy to manipulate (an attacker would only have to change his hosts file).
    Update: Silly me, above example isn't about name-based vhosts...
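
A simplified model of the vhost selection discussed in this thread, added here as an example (it is not code from either poster or from Apache). It shows why the Host header matters when two vhosts share one address but not when each vhost has its own IP. The addresses, host names and the `VHost`, `select_vhost` and `auth_enforced` names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class VHost:
    addr: str            # address in <VirtualHost addr:80>
    server_name: str     # ServerName of that vhost
    auth_required: bool  # True if the vhost's <Location /> has AuthType Basic

def select_vhost(vhosts, local_addr, host_header):
    """Pick the vhost for a request (simplified, assumed model).

    1. Keep only vhosts bound to the local address the TCP connection
       arrived on. The client does not control this value.
    2. Among those, prefer the one whose ServerName matches the Host
       header (client-controlled); otherwise use the first one defined.
    """
    candidates = [v for v in vhosts if v.addr == local_addr]
    if not candidates:
        return None  # real Apache would fall back to the main server
    wanted = host_header.split(":")[0].lower()
    for v in candidates:
        if v.server_name.lower() == wanted:
            return v
    return candidates[0]

def auth_enforced(vhosts, local_addr, host_header):
    """True if the selected vhost demands authentication."""
    v = select_vhost(vhosts, local_addr, host_header)
    return v is not None and v.auth_required

# Constructed sample layouts (documentation / private address ranges).
EXTERNAL, INTERNAL = "203.0.113.10", "192.168.0.10"

# Layout from the post: one vhost per IP, auth only on the external one.
IP_BASED = [
    VHost(EXTERNAL, "www.example.test", True),
    VHost(INTERNAL, "intranet.example.test", False),
]

# Layout the reply warns about: both names share the external address.
NAME_BASED = [
    VHost(EXTERNAL, "www.example.test", True),
    VHost(EXTERNAL, "intranet.example.test", False),
]

if __name__ == "__main__":
    for label, layout in (("ip-based", IP_BASED), ("name-based", NAME_BASED)):
        ok = auth_enforced(layout, EXTERNAL, "intranet.example.test")
        print(f"{label}: external request with internal Host -> auth enforced: {ok}")
```

With the IP-based layout the unauthenticated vhost is reachable only by connecting to the internal address, so the remaining control is which networks can route to that address.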