Access rules

Access rules are used to set rules for (part of) a webserver for (part of) the visitors. You can redirect users based on IP rules or (WebHare or other) login. 

To set one or more access rules for a webserver:

• Select the webserver you have created. 
• Choose "Access rules" from the button bar.

Choose "Add" to add an access rule. Several settings are available, divided over 3 tabs.

The "General" tab houses the following settings:

• Enabling / disabling the access rule.
• Choose which path you want: when you add "/" or nothing the webserver root is used, when you add "/folder/" the rule is applied to the subfolder "folder".
• "Path matching" defines what happens next: 
  • Exact match: only the requested path is used, for any other path the rule is not applied
  • Initial path must match: the rule is applied for everything after the path. In the "/folder/" example on "folder/subfolder" the rule is applied.
  • Wildcard matching allows for setting up advanced rules. "*/images/" for instances would be applied to all folders named "images" within any part of the webserver.
• You can choose to disable browser caching or limit the cache age. 

The "Page logins" tabs lets you choose in which way visitors to the website are identified:

• Based on IP rules - these need to be set separately (see Setting IP-filters). You can choose whether only users that don't meet the IP filters need to login or only users that don't meet the IP filters.
• Login method: you can set rules based on WebHare accounts - either all WebHare users available in User Management or selected users. You can choose these WebHare users separately (see choosing WebHare users).
• External user accounts; you can create "External user accounts" for loggin on (See "External users". These will then be able to login to the website, but not the application backend. 

The "Hosting source" tab allows you to choose what hosting choices are made based on the set access rule.

• Standard serving: usually used in combination with login settings to restrict visitors
• Alternative content folder: can be used to show different content do different visitor groups.
• Single script: allow a single script to handle all visitors
• Redirect: redirect to a different URL.  

• You van choose to keep the URL subpath.

• A WebHare module website can also be used as hosting source.

Setting IP filters

• Open the access rules dialog.
• Select an access rule and press "IP filters".
• An overview of current filters is displayed.
• Choose "Add" to add a new filter.
• Add the relevant IP mask. CIDR notation are supported.
• Choose whether this IP filter denies or allows access. When access is allowed based on this filter, all other IP's are denied (and vice versa), except for IP's set by other filters.

Choosing WebHare users for access

• Open the acces rules dialog.
• Select an access rule where "Only selected WebHare users" is selected for login method
• Click the "WebHare users" button.

The users that have access are displayed. 

• Click "Grant right" you add users that can login.
• Choose the user(s) you want to allow to login.

Setting External Users

• Open the acces rules dialog.
• Select an access rule where "Use external user accounts to login " is selected.
• Click the "External users" button.

The users that have access are displayed. 

• Click "Add" you add users that can login.
• Enter a username.
• Enter a (secure) password.
• Repeat the password.
• Click "OK" to add the user.

Provide the user with the username and password to provide access.