Sorry I meant for that IP or a range of IP's.
------------------------
Keith Smith
--- On Thu, 6/30/11, keith smith <klsmith2020@yahoo.com> wrote:
From: keith smith <klsmith2020@yahoo.com>
SNIP
Date: Thursday, June 30, 2011, 6:41 PM
If you know the remote IP you can use IPTables to block port 80 expect for that port or ports.
------------------------
Keith Smith
--- On Thu, 6/30/11, Brian Parma <freecode@cox.net> wrote:
From: Brian Parma <freecode@cox.net>
SNIPIf you only want to authenticate outside users, you could setup a VPN if
you are going to be accessing it from the same machine (like a laptop).
You could use temporary SSH tunneling also, which would give access only
to the machine you are SSHing from.
You might be able to setup a dual HTTP/HTTPS as Judd said and only
require authentication on the HTTPS, then just forward that port. I'm
not sure as I've never tried it.
On 06/30/2011 05:28 PM, Judd Pickell wrote:
> Before you get too excited, most home network providers don't allow
> riding port 80. You can always use a different port like 8081 to
> bypass. Standard Authentication is doable via .htaccess with apache,
> however you goal is to be secure so you will likely want to setup a
> HTTPS port with basic authentication in Apache that you will point to.
> Not the most perfect solution but it does do roughly what you are
> wanting.
>
> Sincerely,
> Judd Pickell
>
> On Thu, Jun 30, 2011 at 5:22 PM,<leegold@speedymail.org> wrote:
>> Hi,
>>
>> Using Ubuntu 10.04 LTS.
>>
>> I have an intranet server behind a NAT router. Very standard linksys
>> router home setup. The server has a static IP. I used port forwarding in
>> the router to use SSH and log into the server remotely - it works OK.
>>
>> I want no one outside my home network to access any webpages on the
>> server unless they're authenticated.. I know I could port forward like
>> with ssh but with http port 80 and then see webpages , but again this
>> would open it up to anyone with my cable modem's IP - wouldn't it?
>>
>> I need a secure way like SSH that requires a password before anyone
>> could access port 80 and http from the server from a remote network.
>>
>> How do I do this? And on the local network people can get served pages
>> normally as usual. Just remote would need authentication. Must be
>> commonly done(?)
If you jumped directly to this part of the document to find out how
to do authentication, it is important to note one thing. There is a
common misconception that you are required to use
.htaccess files in order to implement password
authentication. This is not the case. Putting authentication directives
in a <Directory> section, in your main server
configuration file, is the preferred way to implement this, and
.htaccess files should be used only if you don't have
access to the main server configuration file. See above for a
discussion of when you should and should not use .htaccess
files.
Having said that, if you still think you need to use a
.htaccess file, you may find that a configuration such as
what follows may work for you.
You must have "AllowOverride AuthConfig" in effect for
these directives to be honored.
.htaccess file contents:
AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
Require Group admins
Note that AllowOverride AuthConfig must be in effect
(in your httpd.conf or apache2.conf in /etc/apache2 or /etc/httpd [depending on your distro]) for these directives to have any effect.
Please see the authentication tutorial for a more complete discussion of authentication and authorization.
::end hacked up excerpt::
SNIP