Access Control by Computer (IP Address, DNS Name)

This procedure is not recommended for several reasons:

Domain name verification is based on the Domain Name System and is not 100% secure.
Persons who are not supposed to read the documents (e.g. external library users who work on computers at the university library) can also get access to a computer.
On the other hand, authorised persons can work on external computers online (e. g. TU members at home or abroad), who will be excluded.

We therefore recommend access control via the Web-Trust-Center.

If you still want to use this simple access control:

# permit to everybody = default:
Require all granted

# prohibit files with .ht at the beginning to everybody
<FilesMatch "^\.ht">
  Require all denied
</FilesMatch>

# Only to IT and URZ
Require host .informatik.tu-chemnitz.de .hrz.tu-chemnitz.de

Example: Files in the dir20 directory should only be accessible from computers of the computer science department and the computer centre of the TU.: .htaccess - Result: .../dir20/

This is how you exclude individual IP addresses or address ranges from access:

<RequireAll>
# permit to everybody:
   Require all granted
# prohibit individuals:
    Require not ip 1.2.3.4 134.109.199/24
</RequireAll>