Lighttpd: mod_access

lighttpd_logo I faced a problem when it was needed to allow access to certain url (x.x.x.x/zabbix/) for 2 fixed IP-addresses and one /16 subnet, and deny to anybody else.

The old examples from the official documentation worked not so perfect as I wanted https://redmine.lighttpd.net/boards/2/topics/1279
But the users helped me in the same topic.

This is how it’s done:

$HTTP["url"] =~ "^/zabbix/" {
    $HTTP["remoteip"] == "55.222.0.0/16" {
    }
    else $HTTP["remoteip"] == "11.22.33.44" {
    }
    else $HTTP["remoteip"] == "55.66.77.88" {
    }
    else $HTTP["remoteip"] != "" {  # (dummy match everything)
        url.access-deny = ( "" )
    }
}

Now anybody accessing /zabbix/ will get “403” error except 11.22.33.44 , 55.66.77.88 and 55.222.0.0/16.

Tags:

Comments are closed.