Combining IP Authentication and Basic Authentication in Apache - CentOS 7

This article explains how to combine IP authentication and basic authentication in Apache.

For example, let's say you want to require no authentication for internal access, but a password for external access.

Access from inside the company can be controlled by the global IP address.

If a password is required, basic authentication can be used. For security purposes, the connection should be an HTTPS connection.

If you are using virtual hosts, put this in the directive for each virtual host.

If you are using a reverse proxy, put it in the Proxy directive. You can remove the original access restriction settings.

  <RequireAny>
    # IP Authentication
    Require ip 192.168.10.10
    
    # Basic authentication
    AuthType Basic
    AuthName "Secret Zone"
    AuthUserFile /var/www/.htpasswd
    Require valid-user
  </RequireAny>

RequireAny will result in successful authentication if any of the following succeeds: IP authentication succeeds, or Basic authentication succeeds.

CentOS Server Construction

Combining IP Authentication and Basic Authentication in Apache - CentOS 7

Associated Information