How to allow access to a yii web application for specific users using .htaccess

SoftwareAccount · August 1, 2018, 12:26pm

[color=#242729][font=Arial,]I am using yii2 basic application template and developed an application. [/font][/color][color=#242729][font=Arial,]I am using VPS server for hosting this application on a domain on Host gator.[/font][/color]

[color=#242729][font=Arial,]

[/font][/color]

[font=Arial,]Now I want that only office users should access this application i.e, (while accessing this application using domain, .htaccess file should check if the IP accessing this domain is allowed to have access. If yes, then that IP should be able to have access, else that IP should see a message containing Access Denied).[/font]

[font=Arial,]If we do this then how to specify IP addresses in .htaccess file. Do we need to specify the static IP addresses of the employees in our organization?[/font]

[font=Arial,]If we write the foll code in .htaccess,[/font]

[font=Arial,]order allow,deny[/font]

[font=Arial,]allow 192.168.1.3[/font]

[font=Arial,]deny from all[/font]

[font=Arial,]

[/font]

[font=Arial,]Here, which IP address to be specified? Do we need to specify the Public IP or routers Private IP or static IP?[/font]

[font=Arial,][/font]

[font=Arial,]How to accomplish this?[/font]

newbiedo · August 2, 2018, 8:14pm

Questions:

[color=#242729][font=Arial,]I am using yii2 basic application template and developed an application. [/font][/color][color=#242729][font=Arial,]I am using VPS server for hosting this application on a domain on Host gator.[/font][/color]

[color=#242729][font=Arial,]

[/font][/color]

[font=Arial,]Now I want that only office users should access this application i.e, (while accessing this application using domain, .htaccess file should check if the IP accessing this domain is allowed to have access. If yes, then that IP should be able to have access, else that IP should see a message containing Access Denied).[/font]

[font=Arial,]If we do this then how to specify IP addresses in .htaccess file. Do we need to specify the static IP addresses of the employees in our organization?[/font]

[font=Arial,]If we write the foll code in .htaccess,[/font]

[font=Arial,]order allow,deny[/font]

[font=Arial,]allow 192.168.1.3[/font]

[font=Arial,]deny from all[/font]

[font=Arial,]

[/font]

[font=Arial,]Here, which IP address to be specified? Do we need to specify the Public IP or routers Private IP or static IP?[/font]

[font=Arial,][/font]

[font=Arial,]How to accomplish this?[/font]

I think you may have to reverse the lines, deny from all then allow from ip. The ip would be the external one, try a search for whatismyip.

SoftwareAccount · August 14, 2018, 11:12am

But if we specify the public IP i.e, external IP, then that IP will get changed when we connect to some other network.

We we WiFi to connect to the internet, as each employees uses laptops. So in our office we connect to the internet using WiFi. So if we go on specifying the public IP for each employees for this network, and if we stop the modem and again start it, then the Public IP gets changed for each employees. Then we need to specify IP each time as we restart or start the modem.

softark · August 15, 2018, 2:11am

You cannot accomplish what you want to do with IP filters of .htaccess.

Consider using the normal authentication/authorization scheme in the application layer.