Home / server / Questions / 324488
Accepted
John K
Asked: 2011-10-25 19:52:56 +0800 CST

APE handler Windows equivalent of disabling security per IP# using htaccess?

  • 772

I want to turn off basic auth in Windows/IIS 7 that is enforced by the Helicon APE handler. It should be turned off for local IP#s e.g. 192.168.xxx.

Cross-referencing the Apache docs with the Helicon docs this seems viable however the environment variable in the Apache example 'MODSEC_ENABLE=Off' doesn't seem to be supported on Windows.

Is there a Helicon alternative that works? 

# Apache htaccess sample:
SetEnvIfNoCase Remote_Addr ^192\.168\..+$ MODSEC_ENABLE=Off
windows .htaccess

1 Answers

  1. Best Answer

    Your Ticket Has Been Updated

    Hello,

    You recently logged a ticket with a subject of APE handler - Disabling security per IP# with us. This e-mail is to advise you of an update to that ticket.

    The following comment was added to ticket [inbox-12956]:

    Hello,

    Please try to add the following portion of code into the .htaccess with the auth directives: 

    # allow access by hosts rules or after authentication
# the following 4 lines should be added on top of your existing auth directives

Satisfy Any
Order Deny,Allow
Deny from all
Allow from localhost 127.0.0.1 ::1 192.168.0.0/16

#this part should already exist in your file.
AuthType basic
AuthName "private area"
AuthBasicProvider file
AuthUserFile ../.htpasswd
Require valid-user

    Regards,
    Inbox
    [email protected]

    • 0