I've added this in the .htaccess the file located in the root of the project:
<Files *.php>
Require host lamtakam.test lamtakam.com
Require ip ::1 95.216.xx.xx
</Files>
I've used xx.xx to keep my real ip hidden in a public community, in reality, there are numbers instead of xs.
Now I need to call a file daily (using a cron job crontab) from the same server, something like this:
0 22 * * * wget /path/to/file.php
But I get this error:
--2020-09-13 13:33:55-- https://lamtakam.com/path/to/file.php
Resolving lamtakam.com (lamtakam.com)... 104.31.74.192, 172.67.174.239, 104.31.75.192, ...
Connecting to lamtakam.com (lamtakam.com)|104.31.74.192|:443... connected.
HTTP request sent, awaiting response... 403 Forbidden
2020-09-13 13:33:55 ERROR 403: Forbidden.
Note: I use Cloudflare and these IPs belongs to it: 104.31.74.192, 172.67.174.239, 104.31.75.192
Any idea how can I make file.php accessible when I can it from the same server? (And not from anywhere else)
You can trick the server via adding the following record in your
/etc/hostsfile, that server as local DNS, thus the Cloudflare's DNS setup will be ignored:You can't use
https://forlocalhost/because the SSL/HTTPS certificates are issued for a concrete domain name, i.e. lamtakam.com, etc.You could bind
lamtakam.comand probablylamtakam.testto the loop back interface (127.0.0.1for IPv4 and::1for IPv6) by modifying the relevant line of/etc/hostsin this way:In this case you should edit the
.htaccessfile in a way as this:::1is the IPv6 loopback interface, but we didn't created an appropriate entry in the/etc/hostsfile, so we do not need impossible require rule for that IP.This second approach (by using the loopback interface) is more flexible, because even you change the server's public IP you wont need to change your
.htaccesssetup.