iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Configuring the iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide—523346-002
7-36
Using Multiple Region Commands
name and password. One way you could do this is by specifying the following Region
directive:
Region * {
RequirePassword "Access accountname" -userfile
/server/root/user.db
AllowHost *.compedia.com
}
In this example, your server would first require a user name and password for access.
After receiving a valid user name and password, your server would check the web
client host name and deny access if the host name was not in the domain
compedia.com.
The problem with this ordering of commands is that users not in the domain
compedia.com will be prompted for their user name and password before being
denied access anyway. A better approach in this case would be to specify the
AllowHost command first:
Region * {
AllowHost *.compedia.com
RequirePassword "Access accountname" -userfile
/server/root/user.db
}
With this ordering of commands, hosts outside compedia.com will be denied access
immediately. Only hosts in compedia.com will be prompted for a valid user name and
password.
You can enter any number of Region directives in your server’s configuration file.
Therefore, a request might be processed by more than one directive, depending on
how the URL matching patterns in the directives are specified. For example, if the
configuration file contains the Region directives
Region * {
DirectoryIndex
}
Region /admin/* {
AllowHost *.compedia.com
}
an attempt by a request to access the URL path /admin/ would match the URL
matching pattern in both directives. In this case, the command in each directive would
be applied in the order of their appearance in the configuration file: DirectoryIndex
first, then AllowHost.