Home/ Questions/Q 8578065
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T20:18:08+00:00

I have two web services(ie my_public_api and my_private_api) running in server1. (PHP,Apache) http:// ipaddress/my_public_api

  • 0

I have two web services(ie my_public_api and my_private_api) running in server1. (PHP,Apache)

http:// ipaddress/my_public_api — Can be accessed by everyone.

http:// ipaddress/otherfuncation/my_private_api – should be accessed only by approved user or specific ipaddress(server2)

I would like to implement some authentication for this. Can this be done using htpasswd basic authentication? if not what could be possible way to implement this.
In case if I use client authentication, is that possible only to protect my private_api and let the my_public_api accessble to everyone.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I found out a way to accomplish this using SSL,

    1. Generate Server and Client Certificates
    2. Point the generated certificate on the apache.
    3. Restrict api location / virtual path in the httpd.conf
    4. Distribute the client certificate to whom you want to grant the access.

    check here to know how to set up SSL certificates

    eg: httpd.conf

    <Location /mysite/private_api>
SSLRequireSSL
SSLVerifyClient require
SSLVerifyDepth 1
</Location>

    Check here for more details

    • 0