I needed to ensure that within a rather large directory structure any directory named ‘intranet’ was only accessible by internal IP addresses. Although from a security perspective this is not truly intranet it is what I was asked to do.
/var/www/vhosts/mydomain/httpdocs/ represents the DocumentRoot for the virtual host.
This will protect /any/path/with/intranet/in/the/name – so intranet is in there and it should be protected.
/var/www/vhosts/mydomain/httpdocs/ represents the DocumentRoot for the virtual host.
This will protect /any/path/with/intranet/in/the/name – so intranet is in there and it should be protected.
<DirectoryMatch “^/var/www/vhosts/mydomain/httpdocs/([^/]+/)*(intranet|jonny)/” >
order deny,allow
allow from 111.222.111.
deny from all
</DirectoryMatch>
Now the next step might be to automatically request LDAP authentication on a similar naming convention?
