Magento Secure Magmi from unauthorized access using htaccess

I'm using below htaccess file to prevent unauthorized access to Magmi.

/{root_path}/{magmi_dir}/.htaccess

Order deny,allow

Deny from all

Allow from 127.0.0.1 202.131.115.180 xxx.xxx.xxx.xxx

this htaccess file is working fine when I'm trying to access Magmi from a browser but it's preventing me to access Magmi when I'm trying to call magmi script from observer using curl.

I've added 127.0.0.1 and server IP in htaccess to whitelist server itself but it's still not allowing me to access Magmi from the observer.

How can I whitelist server itself so that I can call Magmi script from Magento observer?

Thanks in advance.

asked Nov 10 '16 at 13:21

Shyam

1,392828

bumped to the homepage by Community♦ 13 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment |

I'm using below htaccess file to prevent unauthorized access to Magmi.

/{root_path}/{magmi_dir}/.htaccess

Order deny,allow

Deny from all

Allow from 127.0.0.1 202.131.115.180 xxx.xxx.xxx.xxx

this htaccess file is working fine when I'm trying to access Magmi from a browser but it's preventing me to access Magmi when I'm trying to call magmi script from observer using curl.

I've added 127.0.0.1 and server IP in htaccess to whitelist server itself but it's still not allowing me to access Magmi from the observer.

How can I whitelist server itself so that I can call Magmi script from Magento observer?

Thanks in advance.

asked Nov 10 '16 at 13:21

Shyam

1,392828

bumped to the homepage by Community♦ 13 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment |

I'm using below htaccess file to prevent unauthorized access to Magmi.

/{root_path}/{magmi_dir}/.htaccess

Order deny,allow

Deny from all

Allow from 127.0.0.1 202.131.115.180 xxx.xxx.xxx.xxx

this htaccess file is working fine when I'm trying to access Magmi from a browser but it's preventing me to access Magmi when I'm trying to call magmi script from observer using curl.

I've added 127.0.0.1 and server IP in htaccess to whitelist server itself but it's still not allowing me to access Magmi from the observer.

How can I whitelist server itself so that I can call Magmi script from Magento observer?

Thanks in advance.

asked Nov 10 '16 at 13:21

Shyam

1,392828

I'm using below htaccess file to prevent unauthorized access to Magmi.

/{root_path}/{magmi_dir}/.htaccess

Order deny,allow

Deny from all

Allow from 127.0.0.1 202.131.115.180 xxx.xxx.xxx.xxx

this htaccess file is working fine when I'm trying to access Magmi from a browser but it's preventing me to access Magmi when I'm trying to call magmi script from observer using curl.

I've added 127.0.0.1 and server IP in htaccess to whitelist server itself but it's still not allowing me to access Magmi from the observer.

How can I whitelist server itself so that I can call Magmi script from Magento observer?

Thanks in advance.

magento-1.9 magmi htaccess .htaccess

asked Nov 10 '16 at 13:21

Shyam

1,392828

asked Nov 10 '16 at 13:21

Shyam

1,392828

asked Nov 10 '16 at 13:21

Shyam

1,392828

asked Nov 10 '16 at 13:21

Shyam

1,392828

asked Nov 10 '16 at 13:21

Shyam

1,392828

bumped to the homepage by Community♦ 13 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

bumped to the homepage by Community♦ 13 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment |

1 Answer
1

active

oldest

votes

make a curl to http://canihazip.com/s to find out the IP of the webserver when making remote requests. It could be this differs from the incomming server IP.

Add that IP to your whitelist.

Alernatify, you can dump the $_SERVER['REMOTE_ADDR'] with a die(); in the index.php and remove the .htaccess block. Make a curl, see what the IP is, add that to the .htaccess whitelist.

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

answered Apr 25 '17 at 14:22

Robin van Raan

812

add a comment |

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "479"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});

}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fmagento.stackexchange.com%2fquestions%2f145153%2fmagento-secure-magmi-from-unauthorized-access-using-htaccess%23new-answer', 'question_page');
}
);

Post as a guest

Name

Required, but never shown

1 Answer
1

active

oldest

votes

1 Answer
1

active

oldest

votes

make a curl to http://canihazip.com/s to find out the IP of the webserver when making remote requests. It could be this differs from the incomming server IP.

Add that IP to your whitelist.

Alernatify, you can dump the $_SERVER['REMOTE_ADDR'] with a die(); in the index.php and remove the .htaccess block. Make a curl, see what the IP is, add that to the .htaccess whitelist.

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

answered Apr 25 '17 at 14:22

Robin van Raan

812

add a comment |

make a curl to http://canihazip.com/s to find out the IP of the webserver when making remote requests. It could be this differs from the incomming server IP.

Add that IP to your whitelist.

Alernatify, you can dump the $_SERVER['REMOTE_ADDR'] with a die(); in the index.php and remove the .htaccess block. Make a curl, see what the IP is, add that to the .htaccess whitelist.

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

answered Apr 25 '17 at 14:22

Robin van Raan

812

add a comment |

make a curl to http://canihazip.com/s to find out the IP of the webserver when making remote requests. It could be this differs from the incomming server IP.

Add that IP to your whitelist.

Alernatify, you can dump the $_SERVER['REMOTE_ADDR'] with a die(); in the index.php and remove the .htaccess block. Make a curl, see what the IP is, add that to the .htaccess whitelist.

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

answered Apr 25 '17 at 14:22

Robin van Raan

812

make a curl to http://canihazip.com/s to find out the IP of the webserver when making remote requests. It could be this differs from the incomming server IP.

Add that IP to your whitelist.

Alernatify, you can dump the $_SERVER['REMOTE_ADDR'] with a die(); in the index.php and remove the .htaccess block. Make a curl, see what the IP is, add that to the .htaccess whitelist.

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

answered Apr 25 '17 at 14:22

Robin van Raan

812

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

edited Apr 25 '17 at 14:48

Raphael at Digital Pianism

54.7k22119278

answered Apr 25 '17 at 14:22

Robin van Raan

812

answered Apr 25 '17 at 14:22

Robin van Raan

812

answered Apr 25 '17 at 14:22

Robin van Raan

812

add a comment |

draft saved

draft discarded

Thanks for contributing an answer to Magento Stack Exchange!

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Kdjykuj