I using Piwik to track my websites visitors. As a matter of "security" I only allow the access to index.php a few known IPs. My problem is that the Piwik opt-out snippet is only available via this index.php.
I tried to solve this via RewriteRule's and Location/Files directives but I won't able to allow only the specific URL parameter and let others deny.
For all those people who don't know (much) Piwik but Apache here a the basic points:
- The administrative GUI is available via
index.phpwhich it's access is limited to known IPs. - The Piwik opt-out snippet is only available via
index.phpwith a known parameter set:index.php?module=CoreAdminHome&action=optOut&lang=DE
What I want is:
- Deny access to
index.phpfrom all unknown IPs but known IPs. (done) - Allow access to the opt-out parameter set for
index.phpfrom all IPs. (pending)
How to only allow URLs with specific parameter in Apache?
I tried:
Order allow,deny
Allow from all
<Files "index.php">
Order allow,deny
Deny from all
Allow from 127.0.0.1
</Files>
RewriteEngine On
RewriteRule ^/piwik-opt-out.html$ index.php?module=CoreAdminHome&action=optOut [L]
<Location "/piwik-opt-out.html">
Order allow,deny
Allow from all
</Location>
I think you can shrink the rules to just: