I am using this code in my htaccess file to block traffic from specific websites to my website and it works:
RewriteEngine On
SetEnvIfNoCase Referer "example.com" bad_referer
Order Allow,Deny
Allow from ALL
Deny from env=bad_referer
Now what I want is set a time for this code, for example, visitors from a specific website are only allowed to visit my website from 08:00 till 17:00
I tried this:
RewriteEngine On
RewriteCond %{TIME_HOUR}%{TIME_MIN} >0800
RewriteCond %{TIME_HOUR}%{TIME_MIN} <1700
SetEnvIfNoCase Referer " example.com " bad_referer
Order Allow,Deny
Allow from ALL
Deny from env=bad_referer
But does not seem to work, visitors are still blocked between the set time stamp
Thanks
Robert
You can't use SetEnv with RewriteRule as these two directives are part of two different apache modules. You can use mod-rewrite to achieve what you want to :
RewriteEngine On
RewriteCond %{TIME_HOUR}%{TIME_MIN} >=0800
RewriteCond %{TIME_HOUR}%{TIME_MIN} <=1700
RewriteCond %{HTTP_REFERER} example\.com [NC]
RewriteRule ^ - [R=403,L]
Related
I am trying to disallow all requests by
RewriteCond %{HTTP:X-FORWARDED-FOR} !=67.x.x.x
RewriteCond %{REQUEST_URI} !^api
RewriteRule ^(.*)$ - [R=403,L]
ErrorDocument 403 "<html><hea....
So the IP 67 should be allowed for all REQ - but the directory /api/ should be accessible for everyone.
How can I do that?
You Can apply some of these directives.
Also, am thinking that your api is a directory
order deny,allow
deny from all
allow from 222.333.444, 67.8.9.9 # ALLOWED IPS MUST BE SEPARATED BY COMMAS
<Directory /api>
# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all
</Directory>
To deny access to all but 4 specific ip addresses you can use a negative RewriteCond and regex pattern to match against the allowed ip addresses something like the following :
RewriteCond %{REMOTE_ADDR} !(ip1|ip2|ip3|ip4)
If you do not want your /api uri to be redirected to 403 you can exclude it in your Rewrite pattern so that the uri is available for both allowed and denied ip addresses.
Full code :
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !(ip1|ip2|ip3|ip4)
RewriteRule !api - [R=403,L]
As far as I know, the L flag is only applicable to mod_rewrite and S to rewrite rules. However, I have some old indexed php pages, which I want to redirect to new URL. I have like zillion of lines like this:
RewriteRule ^example.php(/?.*) /example/$1 [R=301,L]
This would normaly work, but I have also this code in my .htaccess:
<Files *.php>
Order Deny,Allow
Deny from all
</Files>
I am wondering, if it is possible to skip this if the rule is met, as long as these two flags mentioned above do not apply.
You can keep all specific redirect rules at the top followed by a generic rule to deny access to .php files as below:
RewriteEngine On
# specific .php handlers
RewriteRule ^example\.php(/.*)?$ /example/$1 [R=301,L,NC]
# generic rule to deny .php files
RewriteCond %{REQUEST_URI} !^/index\.php [NC]
RewriteRule \.php$ - [F,NC]
I'm looking to achieve blocking specific urls for 1 specific country via .htaccess. What I got so far is a block to the entire site, but what I'm looking is to block a specific url of the site. Here is what I got.
<Limit GET POST>
order allow,deny
deny from 2.20.179.0/24
deny from 2.20.185.0/24
deny from 2.22.230.0/24
deny from 2.136.0.0/15
deny from 2.138.0.0/15
allow from all
</Limit>
Having that, how could I block the url http://domain.com/en/profiles/kasper, for that specific IP ranges / country? What is the right way to include that url in the htaccess?
Thank you in advance
You can use mod_rewrite if you are in htaccess and want to block URLs for certain IPs:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^2\.20\.(179|185)\.(\d|1\d|2[0-4])$ [OR]
RewriteCond %{REMOTE_ADDR} ^2\.22\.230\.(\d|1\d|2[0-4])$ [OR]
RewriteCond %{REMOTE_ADDR} ^2\.(136|138)\.0\.0$
RewriteRule ^en/profiles/kasper(/.*)$ - [F,NC]
I want to do deny access to specific ip. I tried this htaccess code but didn't worked:
<Files "index.php?action=deny">
Order Allow,Deny
Deny from XXXX
Allow from all
</Files>
where XXXX is an ip address. how can I do something like that, so it will deny only specific get parameter and not the whole file?
In 2.4, use to check the query string
<If "%{QUERY_STRING} =~ /action=deny/">
Require all denied
</If>
In 2.2, use mod_rewrite:
RewriteEngine ON
RewriteCond %{QUERY_STRING} action=deny
RewriteRule index.php - [F]
Your pattern in Files directive is misleading. If you want to match the URL with action=deny query argument; you'd need to use <Location>:
<Location /index.php?action=deny>
You can use this rule in your root .htaccess:
RewriteEngine On
RewriteCond %{QUERY_STRING} ^action=deny$ [NC]
#RewriteCond %{REMOTE_ADDR} =11.22.33.44
RewriteRule ^index\.php$ - [F]
Replace 11.22.33.44 with your actual IP address
I have a website say www.abcd.com. Its working fine if i access it using url http://abcd.com. But what i want is that if user go with url http://abcd.com, then web server should be able to convert it into url www.abcd.com.
%LOCATION_CONTAINS_HTACCESS_FILE% = Some Path
Some important changes in httpd.config are:
1. DocumentRoot "/var/www/html"
2. <Directory />
Options FollowSymLinks
AllowOverride All #changed to All
</Directory>
3. <Directory "%LOCATION_CONTAINS_HTACCESS_FILE%">
AllowOverride All
</Directory>
4. AccessFileName .htaccess #default
5. %LOCATION_CONTAINS_HTACCESS_FILE%/.htaccess # I added
6. <Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
My .htaccess
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
With these changes I am getting error in line 5(from above, i think) when executing "service httpd restart":
Starting httpd: Syntax error on line 415 of /etc/httpd/conf/httpd.conf:
Invalid command '%LOCATION_CONTAINS_HTACCESS_FILE%/.htaccess', perhaps misspelled or defined by a module not included in the server configuration
I went through most of links on web, but couldn't get any specific solution to this.
I don't have much knowledge about Web services. But waiting for a simpler solution.
Hoping you guys have faced this issue & surely solved.
I always use the snippet below:
RewriteEngine On
RewriteBase /
# Redirect non-canonical domains
RewriteCond %{HTTP_HOST} !^www.yourdomain.com$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [L,R=301]
# Redirect non-www to www version
RewriteRule %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^([^.]+\.[a-z]{2,6})$ [NC]
RewriteRule ^(.*)$ http://www.%1/$1 [R=301,L]
It does two things:
The first snippet (below "Redirect non-canoncial domains") redirects visitors who come in from an alias (eg. my-domain-alias.com) to the main domain (yourdomain.com). It uses a 301 redirect (permanent) to let search engines know this is the right address (and not some duplicate content).
It checks if the www prefix is used. If not, it redirects, and also redirects using the 301 status code.
Note: the NC flag tells apache to check ignoring the case.
-- Edit:
I'd change the order directive to:
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
This will deny access to ALL hidden files (eg. your php .user.ini file, if present), not only .htaccess/.htpasswd files etc.