我试图允许在我的Apache 2.2.3(Centos)服务器上访问单个位置(不存在的文件),以便能够实现paypal ipn监听器。 其他文件应保持密码保护。
如何在不登录的情况下访问单个位置?
下面的代码显示了我到目前为止所尝试的内容。
location指令选择正确的位置(我通过从全部写入deny来测试它)。
问题现在是服务器仍然要求为该位置设置密码。
我已尝试将location指令放入目录中但这会导致语法错误(即使文件指令允许)但我不能使用文件指令而是位置一,因为文件实际上不存在。
<Directory /var/www/vhosts/somedomain.net/subdomains/p103.myproject/httpdocs/public>
Order Deny,Allow
Options -Includes -ExecCGI
SetEnv APPLICATION_ENV "development"
AuthName "myproject"
AuthType Basic
AuthUserFile /var/www/vhosts/somedomain.net/subdomains/p103.myproject/.htpasswd
AuthGroupFile /var/www/vhosts/somedomain.net/subdomains/p103.myproject/.htgroups
Require group myproject
</Directory>
DocumentRoot /var/www/vhosts/somedomain.net/subdomains/p103.myproject/httpdocs/public
<Location "/ipn/sdsad8329ejslkdjasl">
Order Deny,Allow
Allow from all
Satisfy Any
</Location>
此处是文档的链接:http://httpd.apache.org/docs/2.2/
答案 0 :(得分:1)
您可以使用SetEnvIf与Request_URI进行匹配来设置变量,然后使用Satisfy any,Require group myproject和Allow的组合。
尝试这样的事情:
DocumentRoot /var/www/vhosts/somedomain.net/subdomains/p103.myproject/httpdocs/public
# Here we check if the request is for something we don't need to authorize
SetEnvIf Request_URI ^/ipn/sdsad8329ejslkdjasl NO_AUTH_NEEDED=1
<Directory /var/www/vhosts/somedomain.net/subdomains/p103.myproject/httpdocs/public>
Order Allow,Deny
Options -Includes -ExecCGI
SetEnv APPLICATION_ENV "development"
AuthName "myproject"
AuthType Basic
AuthUserFile /var/www/vhosts/somedomain.net/subdomains/p103.myproject/.htpasswd
AuthGroupFile /var/www/vhosts/somedomain.net/subdomains/p103.myproject/.htgroups
# This makes it so one of the 2 is good enough
Satisfy Any
# We allow first, but only if the NO_AUTH_NEEDED is set
Allow from env=NO_AUTH_NEEDED
# Otherwise, require a login
Require group myproject
</Directory>