Controlling Web Page Access With HTAccess
from http://www.mcs.kent.edu/system/web_help/htaccess/introduction.html
The access instruction
The set of instructions that are placed between the <LIMIT GET> and
</LIMIT> statements determine how the directory can be accessed, i.e.,
who is allowed to access the web pages in the directory, and who is denied
access.
There are several types of access instructions which can be used:
The instruction to allow access to a specific user is:
require user {username}
where username is an entry in the .htpasswd
file.
The instruction to allow access to a group of people is:
require group {groupname}
where groupname is the name of a group in the .htgroup
file.
The instruction to allow access to any user inside a certain domain
is:
order deny,allow
deny from all
allow from {domainname}
where domainname is the name of the domain you wish to allow access from.
Note that there is no space between the words "deny" and "allow" in the
line
order deny,allow
Please also note that if you only wish to allow or deny access from specific
domains, the first four "Auth" lines of the .htaccess
file can be omitted (these lines are used only for group or user authentication).
The instruction to deny access to any user inside a certain domain is:
order allow,deny
allow from all
deny from {domainname}
where domainname is the name of the domain you wish to deny access from.
Notes:
There is no space between the words "deny" and "allow" in the lines
order deny,allow
order allow,deny
If you only wish to allow or deny access from specific domains, the first
four "Auth" lines of the .htaccess file can
be omitted.
Each of these instructions can include multiple user/group/domain names.
It is possible to use combinations of the different types of instructions.
It is possible to use multiple instructions of the same type.