HTaccess IP access for other user (on same server) with Curl problem

marcel

Verified User
Joined
May 13, 2005
Messages
25
I have a user A with IP AAA, this user needs to access a directory of an other user B (with IP BBB) with CURL on the same server (Directadmin/CentOS/IP CCC) This directory of this user is locked with HTAccess. Normally for outside users I would open the directory in the HTAccess by adding his/her IP address to the HTAccess file.

When I add IP of user A to the HTAccess of user B, the directory stays blocked.
When I add IP of the server to the HTAccess of user B, the directory stays blocked.
When I add IP of user B to the HTAccess, the directory is open for user A, but also for all other users on the server
$REMOTE_ADDR testing gives the same results...

<Limit GET POST PUT PATCH DELETE>
order deny,allow
deny from all
allow from XXX.XXX.XXX.XXX
allow from AAA.AAA.AAA.AAA
</Limit>

What am I doing wrong? Is this a limitation of Curl? CentOS? Tried and searched a lot, but can not find it...
 
Inside / local Users is/go with User rights of system itself. i guess.
BUt it don't know how the .htaccess then yes/no involved when needed to?

are some shared ip/s / blocks

maybe this helps to.
 
Last edited:
Inside / local Users is/go with User rights of system itself. i guess.
BUt it don't know how the .htaccess then yes/no involved when needed to?

are some shared ip/s / blocks

maybe this helps to.
Thank you... However, we mean something else
 
Anyone have an idea why a user on the server does not use the IP from the server or from him/herself for (outbound) traffic (actually on the same directadmin/CentOS server but another user and another IP)? And how to fix this for CURL (to use the IP HTAccess blocking)? Am I missing something?
 
By default cURL will use a default IPv4/IPv6 from network interface. If you need cURL to use another IP you will need explicitly specify it through options.
 
By default cURL will use a default IPv4/IPv6 from network interface. If you need cURL to use another IP you will need explicitly specify it through options.
Tried both options:
- cURL does not use the default IP from the network interface (IP from the server, also IP of the directadmin license)
- cURL with option —dns-ipv4-addr flag: still gives the 'local' IP of the user (BBB.BBB.BBB.BBB) in $_SERVER, not the remote IP (AAA.AAA.AAA.AAA)

cURL request:
curl -XPOST https://www.destination-server.com/test.php --dns-ipv4-addr AAA.AAA.AAA.AAA

Printing the contents of the $_SERVER variable in test.php. The response is as follows:
"SERVER_ADDR": “BBB.BBB.BBB.BBB”,
"REMOTE_ADDR": “BBB.BBB.BBB.BBB”,
I would like it to be:
"SERVER_ADDR": “BBB.BBB.BBB.BBB”,
"REMOTE_ADDR": “AAA.AAA.AAA.AAA”,

Any thoughts?
 
Extra remark:
If we cURL outside the server, then we do get the Server IP (same as directadmin license) returned in $_SERVER
 
Last edited:
Back
Top