Solved

MOD_REWRITE : I want to block access to all my files except from certian ip's/domains...

Posted on 2004-10-19
24
416 Views
Last Modified: 2008-02-20
I want to use MOD_REWRITE to block access to my files on my server(even broswer access, if possible) EXCEPT from domains/ips I specify


much thanks..
Caiapfas
0
Comment
Question by:Caiapfas
  • 12
  • 8
  • 4
24 Comments
 
LVL 5

Expert Comment

by:rsriprac
ID: 12352748
Here is an example of a mod-rewrite rule:

rewriteEngine on
rewriteCond %{HTTP_user_agent} Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Toshiba Corporation)
rewriteCond %{REMOTE_ADDR} ^55\.55\.*$
rewriterule!(403\.html¦404\.html) - [F,L]

This will block any one using Mozilla with the IP of 55.55.*

The Apache Doc at:

http://httpd.apache.org/docs/mod/mod_rewrite.html

is very useful.  Also knowing Regular Expression will help.
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12352763
I forgot to mention the final rule sends the users to a 404.html or 403.html document (missing, moved), so make sure you have one.

-Ram
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12352821
thats not what I wanted and my attempts have fails I want all blocked and sent to a certian page EXCEPT the ips/doamins i list within the rule....but thanks
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 5

Expert Comment

by:rsriprac
ID: 12352904
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12352909
Read the "Deny/Allow Certian IP Addresses" section.
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12352923
no I want to use mod_rewrite to direct them diffrect file/page.....not just deny them
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12353259
O ok:

rewriteCond %{REMOTE_ADDR} ^55\.55\.*$
RewriteRule  ^/$                 /homepage.1.html  [L]

rewriteCond %{REMOTE_ADDR} ^55\.66\.*$
RewriteRule  ^/$                 /homepage.2.html  [L]

RewriteRule  ^/$                 /homepage.all.html  [L]

i.e. Sent all IP 55.55.* to /homepage.1.html, all IP 55.66.* to  /homepage.1.html, and all others to /homepage.all.html.
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12353262
some errors, I mean:

i.e. Sent all IP 55.55.* to /homepage.1.html, all IP 55.66.* to  /homepage.2.html, and all others to /homepage.all.html.
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12353282
For a list go:

rewriteCond %{REMOTE_ADDR} ^55\.55\.*$
rewriteCond %{REMOTE_ADDR} ^55\.56\.*$
rewriteCond %{REMOTE_ADDR} ^55\.57\.*$
RewriteRule  ^/$                 /homepage.1.html  [L]

rewriteCond %{REMOTE_ADDR} ^55\.66\.*$
rewriteCond %{REMOTE_ADDR} ^55\.67\.*$
rewriteCond %{REMOTE_ADDR} ^55\.68\.*$
RewriteRule  ^/$                 /homepage.2.html  [L]

RewriteRule  ^/$                 /homepage.all.html  [L]

i.e. Sent all IP 55.55.* to /homepage.1.html, sent all IP 55.56.* to /homepage.1.html, sent all IP 55.57.* to /homepage.1.html

and

sent all IP 55.66.* to /homepage.2.html, sent all IP 55.67.* to /homepage.2.html, sent all IP 55.68.* to /homepage.2.html

finally, all others to /homepage.all.html.
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12353292
REad the mod_rewrite Apache Doc at:

http://httpd.apache.org/docs/mod/mod_rewrite.html

You'll learn alot more fancy tricks.
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12353636
no, you are doing some GREAT script writing but we must be misunderstanding...

I want to send all traffic to page.htm
and only the few ip I list are all access to the files/site...get it?
0
 
LVL 16

Expert Comment

by:OliWarner
ID: 12354538
why not just use a .htaccess file and set your 403 page as this "page.htm"
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12354588
BECAUSE i have site accessing files on this server that i want to allow to do so, but any and all other = where i send them,
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12354590
including users
0
 
LVL 16

Expert Comment

by:OliWarner
ID: 12354643
you can use htaccess to block IPs, or only allow a list of IPs/hosts

eg:

order deny,allow
deny from all
allow from localhost
allow from 192.168.0.4


that would only allow the local machine and 192.168.0.4 to access the directory/subdirs/files
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12355016
can i allow domains or will i need the ip for all?
0
 
LVL 16

Expert Comment

by:OliWarner
ID: 12355043
sure


allow from .mydomain.com

allows all subdomains (eg pies.mydomain.com, candy.mydomain.com, etc)


allow from pie.mydomain.com

allows only from pie.mydomain.com
0
 
LVL 16

Expert Comment

by:OliWarner
ID: 12355048
here's quite a good guide to mastering your htaccess

http://www.javascriptkit.com/howto/htaccess.shtml
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12363607
How bout this:

rewriteCond %{REMOTE_ADDR} ^55\.55\.*$
RewriteRule  ^/(*)$                 /\1  [L]

rewriteCond %{REMOTE_ADDR} ^*$
RewriteRule  ^(*)$                 /page.html  [L]

Will allow only 55.55.* to access any, while all other request wll be routed page.html.
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12373078
ok so how can i do more than one ip ...
please I want to be able to allow domians
I even want to disallow the server the files are housed on
0
 
LVL 5

Accepted Solution

by:
rsriprac earned 500 total points
ID: 12374991
More domains:

rewriteCond %{REMOTE_ADDR} ^55\.54\.*$
rewriteCond %{REMOTE_ADDR} ^55\.55\.*$
rewriteCond %{REMOTE_ADDR} ^55\.56\.*$
rewriteCond %{REMOTE_ADDR} ^*.foobar.com$

RewriteRule  ^/(*)$                 /\1  [L]

rewriteCond %{REMOTE_ADDR} ^*$
RewriteRule  ^(*)$                 /page.html  [L]
0
 
LVL 2

Author Comment

by:Caiapfas
ID: 12375625
what if i wanted to put full ips in there?
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12375794
its fine.
0
 
LVL 5

Expert Comment

by:rsriprac
ID: 12375798
i.e. rewriteCond %{REMOTE_ADDR} ^55\.54\.55\.55$
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
eclipse package explorer vs project explorer view 2 179
I need an assist with a programming logic math question. 5 73
Base1 Encode/Decode 3 81
Bot application - advice 3 38
A short article about a problem I had getting the GPS LocationListener working.
Displaying an arrayList in a listView using the default adapter is rarely the best solution. To get full control of your display data, and to be able to refresh it after editing, requires the use of a custom adapter.
An introduction to basic programming syntax in Java by creating a simple program. Viewers can follow the tutorial as they create their first class in Java. Definitions and explanations about each element are given to help prepare viewers for future …
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question