| Dave Bodenstab 2004-11-29, 2:52 am |
| I'm very new at this... I've just installed apache 1.3.33 and would
like to open my server to my friends only. I've begun reading the
auth docs, but I don't see anything obvious that would do this:
Any client (except from within my LAN) should be checked to see
if the IP is "known". I would maintain a database of hostname/IP's
of my friends (none of whom have static IP's) who will need to
get a free domain at dyndns.org or somesuch; periodically I would
run the names through dns and update my database. Even better
would be the ability to run a script that would do whatever custom
authentication that I want and have it return the result.
If the IP is in my database (a friend), allow apache to handle
the request.
If the IP is not in my database, return an "access denied" page
containing instructions to email/contact me (my friends know my
email address) so that I can enable access.
In other words, I want *all* requests from non-verified client IP's
to be given my "access denied" page. My friend's IP's will be
verified, so they would be accepted.
I want to avoid using the user/password prompt to everyone so that
I'm not pounded by some jerks trying to crack the passwords, nor
do I want search engines (which ignore robots.txt) indexing my home
server.
Or is there a better way...?
Any hints? Where would I start?
Thanks.
PS. It occurred to me that perhaps php could be used to do this... but
would it be possible with apache alone?
|