I'm looking to achieve blocking specific urls for 1 specific country via .htaccess. What I got so far is a block to the entire site, but what I'm looking is to block a specific url of the site. Here is what I got.
<Limit GET POST>
order allow,deny
deny from 2.20.179.0/24
deny from 2.20.185.0/24
deny from 2.22.230.0/24
deny from 2.136.0.0/15
deny from 2.138.0.0/15
allow from all
</Limit>
Having that, how could I block the url http://domain.com/en/profiles/kasper, for that specific IP ranges / country? What is the right way to include that url in the htaccess?
Thank you in advance
You can use mod_rewrite if you are in htaccess and want to block URLs for certain IPs:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^2\.20\.(179|185)\.(\d|1\d|2[0-4])$ [OR]
RewriteCond %{REMOTE_ADDR} ^2\.22\.230\.(\d|1\d|2[0-4])$ [OR]
RewriteCond %{REMOTE_ADDR} ^2\.(136|138)\.0\.0$
RewriteRule ^en/profiles/kasper(/.*)$ - [F,NC]
Related
I am using this code in my htaccess file to block traffic from specific websites to my website and it works:
RewriteEngine On
SetEnvIfNoCase Referer "example.com" bad_referer
Order Allow,Deny
Allow from ALL
Deny from env=bad_referer
Now what I want is set a time for this code, for example, visitors from a specific website are only allowed to visit my website from 08:00 till 17:00
I tried this:
RewriteEngine On
RewriteCond %{TIME_HOUR}%{TIME_MIN} >0800
RewriteCond %{TIME_HOUR}%{TIME_MIN} <1700
SetEnvIfNoCase Referer " example.com " bad_referer
Order Allow,Deny
Allow from ALL
Deny from env=bad_referer
But does not seem to work, visitors are still blocked between the set time stamp
Thanks
Robert
You can't use SetEnv with RewriteRule as these two directives are part of two different apache modules. You can use mod-rewrite to achieve what you want to :
RewriteEngine On
RewriteCond %{TIME_HOUR}%{TIME_MIN} >=0800
RewriteCond %{TIME_HOUR}%{TIME_MIN} <=1700
RewriteCond %{HTTP_REFERER} example\.com [NC]
RewriteRule ^ - [R=403,L]
I am trying to disallow all requests by
RewriteCond %{HTTP:X-FORWARDED-FOR} !=67.x.x.x
RewriteCond %{REQUEST_URI} !^api
RewriteRule ^(.*)$ - [R=403,L]
ErrorDocument 403 "<html><hea....
So the IP 67 should be allowed for all REQ - but the directory /api/ should be accessible for everyone.
How can I do that?
You Can apply some of these directives.
Also, am thinking that your api is a directory
order deny,allow
deny from all
allow from 222.333.444, 67.8.9.9 # ALLOWED IPS MUST BE SEPARATED BY COMMAS
<Directory /api>
# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all
</Directory>
To deny access to all but 4 specific ip addresses you can use a negative RewriteCond and regex pattern to match against the allowed ip addresses something like the following :
RewriteCond %{REMOTE_ADDR} !(ip1|ip2|ip3|ip4)
If you do not want your /api uri to be redirected to 403 you can exclude it in your Rewrite pattern so that the uri is available for both allowed and denied ip addresses.
Full code :
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !(ip1|ip2|ip3|ip4)
RewriteRule !api - [R=403,L]
I'm using Order Deny,Allow in my .htaccess file, without success. IP's I need to prevent access to are going right through with no troubles. I read that as of Apache 2.4 Order Deny,Allow would no longer work; first is that factual and second if so what has replaced it? I cannot access my httpd.conf file, so Require and Require not is not an option for me.
I only have access to .htaccess, how can I accomplish banning by ip or if no longer possible, redirecting by ip. Below is a snipit of my Order Deny,Allow if it matters. Thanks in advance!
Order Deny,Allow
Deny from 123.125.71.*
Deny from 123.125.71.121.some.domain.com
Deny from some.domain.com
Allow from All
(as you can see, I'm attempting to block the same ip, in various formats but no matter the format, the traffic continues to go through.)
To push the undesired ip to 403 ,you can use the following rule :
RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$
RewriteRule ^ - [R=403,L]
Replace 00.00.00.00 with your undesired ip address.
To ban multiple ipaddress, you can add multiple conditions seprated by a [OR] flag to your rule :
RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$ [OR]
RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$
RewriteRule ^ - [R=403,L]
I would like to restrict access to a specific URL that's being generated, by IP address. For example:
http://www.domain.com/section.php/123/1/some-nice-text
can not be accessed by the IP 123.45.67.89.
So far, I've got:
<Limit GET POST HEAD>
order allow,deny
deny from 123.45.67.89
allow from all
</Limit>
but this blocks access to all the site for that IP.
I can't put the htacess in that path, as it doesn't actually exist. How can I edit the Limit condition to specify a path?
I'd use mod_rewrite. Something like this:
RewriteBase /
RewriteCond %{REMOTE_ADDR} =123.45.67.89
RewriteRule ^section.php/123/1/some-nice-text - [R=404,L,NC]
(Untested / season to taste.)
Update: For multiple addresses, you can use regexen and/or multiple RewriteConds combined with [OR]:
RewriteBase /
RewriteCond %{REMOTE_ADDR} =123.45.67.89 [OR]
RewriteCond %{REMOTE_ADDR} ^123\.45\.67\.9[0-4]$ [OR]
RewriteCond %{REMOTE_ADDR} ^123\.4\.56\.
RewriteRule ^section.php/123/1/some-nice-text - [R=404,L,NC]
(Still untested etc.)
I want to protect some subdomains from the public. Restriction should be done against a whitelist of IPs.
Infinite loop due to the redirect is not a problem as its not the www-domain.
I tried this http://discussions.apple.com/message.jspa?messageID=2411725, but couldnt get it to work.
However I did try this first
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^123\.45\.67\.89$ [OR]
RewriteCond %{REMOTE_ADDR} !^213\.45\.67\.89$
RewriteRule ^/.* http://www.mydomain.com [R]
.. but didnt work.
What am I doing wrong ?
This kind of thing is actually exactly what Apache's Allow and Deny directives are intended for. Inside the <VirtualHost> block for the domain you want to restrict access to, put this:
<Location />
Order allow,deny
Allow from all
Deny from 123.45.67.89
Deny from 213.45.67.89
</Location>
However, this would produce a 403 (forbidden) error, which doesn't redirect to your www domain by default. I think you can make it do so by adding the directive
ErrorDocument 403 http://www.example.com
You have to combine the RewriteCond directives with AND instead of OR as you want to redirect if both conditions are true (therefor the IP address is neither X nor Y). So try this:
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^123\.45\.67\.89$
RewriteCond %{REMOTE_ADDR} !^213\.45\.67\.89$
RewriteRule ^ http://www.example.com/ [R]