We currently restrict access to the entire staging site using Apache (2.4.7) ‘Allow from xxx.xxx.xxx.xxx’ directives. I am developing a custom tool on a single WordPress page that we want to allow some external partners to review. How can we maintain the sitewide IP restrictions but allow all requests to a specific URL?
The best shot I’ve taken involves mod_setenvif, but I haven’t managed to make it work. This could be due to the WordPress permalink rewrites, but I’m not sure. Relevant section of the Apache site config below.
<IfModule mod_ssl.c> <VirtualHost *:443> #... DocumentRoot /var/www/staging.example.org SetEnvIf Request_URI ^/mapping-tool-demo$ DEMO_ACCESS <Directory /var/www/staging.example.org/> AllowOverride All Order Allow,Deny Deny from all Allow from env=DEMO_ACCESS Allow from xxx.xx.xxx.xx xxx.xxx.xx.xx #HQ Office access Allow from xxx.xx.xx.xxx xx.xxx.xxx.xx #Consultant temp access </Directory> #... </VirtualHost> </IfModule>