I have recently discovered the ” Satisfy ” directive in .htaccess. If we need to add htpasswd based authentication to a folder in apache webserver and we need to bypass this authentication for a few predefined IPs, then we can use this directive.

According to the apache documentation,  ” Satisfy is used as an access policy if both Allow and Require used. The parameter can be either ‘all’ or ‘any’. This directive is only useful if access to a particular area is being restricted by both username/password and client host address. In this case the default behavior (“all”) is to require that the client passes the address access restriction and enters a valid username and password. With the “any” option the client will be granted access if they either pass the host restriction or enter a valid username and password. This can be used to password restrict an area, but to let clients from particular addresses in without prompting for a password. “

A sample htaccess rule will like the following …

~~~~~

AuthName “restricted stuff”
AuthType Basic
AuthUserFile /etc/httpd/passwords
require valid-user
Order deny,allow
deny from all
Allow from x.x.x.x
Allow from y.y.y.y
Satisfy Any
~~~~~~~

Tags: access, apache, htaccess