How do you restrict access to certain paths using Lighttpd?

Question

I would like to restrict access to my /admin URL to internal IP addresses only. Anyone on the open Internet should not be able to login to my web site. Since I'm using Lighttpd my first thought was to use mod_rewrite to redirect any outside request for the /admin URL back to my home page, but I don't know much about Lighty and the docs don't say much about detecting a 192.168.0.0 IP range.

Answer 1

Try this:

$HTTP["remoteip"] == "192.168.0.0/16" {
    /* your rules here */
}

Example from the docs:

  # deny the access to www.example.org to all user which 
  # are not in the 10.0.0.0/8 network
  $HTTP["host"] == "www.example.org" {
    $HTTP["remoteip"] != "10.0.0.0/8" {
     url.access-deny = ( "" )
    }
  }

Answer 2

This worked for me:

$HTTP["remoteip"] != "192.168.1.1/254" {
      $HTTP["url"] =~ "^/intranet/" {
        url.access-deny = ( "" )
      }
    }

!= worked over ==.