I don't know if it is possible. I have three domains in one .htaccess and pointing to a shared location:
domain-a.com
domain-b.com
domain-c.com
And now i want to block domain-c.com for all traffic and allow access from only two ip's. Domain-a.com and domain-b.com have to stay untouched.
I have tried to use this code in the .htaccess.
order deny,allow
deny from all
allow from x.x.x.x
I just don't know how to get it to work for one domain only instead of three.
To deny access to the domain , you can use the following :
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www\.)?domain_c.com$
#--allowed ip(s)--#
RewriteCond %{REMOTE_ADDR} !^(ip1|ip2)$
RewriteRule ^ - [F,L]
Related
I am trying to disallow all requests by
RewriteCond %{HTTP:X-FORWARDED-FOR} !=67.x.x.x
RewriteCond %{REQUEST_URI} !^api
RewriteRule ^(.*)$ - [R=403,L]
ErrorDocument 403 "<html><hea....
So the IP 67 should be allowed for all REQ - but the directory /api/ should be accessible for everyone.
How can I do that?
You Can apply some of these directives.
Also, am thinking that your api is a directory
order deny,allow
deny from all
allow from 222.333.444, 67.8.9.9 # ALLOWED IPS MUST BE SEPARATED BY COMMAS
<Directory /api>
# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all
</Directory>
To deny access to all but 4 specific ip addresses you can use a negative RewriteCond and regex pattern to match against the allowed ip addresses something like the following :
RewriteCond %{REMOTE_ADDR} !(ip1|ip2|ip3|ip4)
If you do not want your /api uri to be redirected to 403 you can exclude it in your Rewrite pattern so that the uri is available for both allowed and denied ip addresses.
Full code :
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !(ip1|ip2|ip3|ip4)
RewriteRule !api - [R=403,L]
I'm using Order Deny,Allow in my .htaccess file, without success. IP's I need to prevent access to are going right through with no troubles. I read that as of Apache 2.4 Order Deny,Allow would no longer work; first is that factual and second if so what has replaced it? I cannot access my httpd.conf file, so Require and Require not is not an option for me.
I only have access to .htaccess, how can I accomplish banning by ip or if no longer possible, redirecting by ip. Below is a snipit of my Order Deny,Allow if it matters. Thanks in advance!
Order Deny,Allow
Deny from 123.125.71.*
Deny from 123.125.71.121.some.domain.com
Deny from some.domain.com
Allow from All
(as you can see, I'm attempting to block the same ip, in various formats but no matter the format, the traffic continues to go through.)
To push the undesired ip to 403 ,you can use the following rule :
RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$
RewriteRule ^ - [R=403,L]
Replace 00.00.00.00 with your undesired ip address.
To ban multiple ipaddress, you can add multiple conditions seprated by a [OR] flag to your rule :
RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$ [OR]
RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$
RewriteRule ^ - [R=403,L]
I'm trying to redirect visitors from my old domain to a new domain using .htaccess, however I would like to be able to visit the old domain myself by excluding my ipv4 & ipv6 from the redirect. If I fill in my exact ipv6 it's working but as it's changing often I would like to exclude my whole ipv6 prefix from the redirect.
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^12.345.678.901
RewriteCond %{REMOTE_ADDR} !^1234:123:1234:1:1234:1234:1234:1234
RewriteCond %{REMOTE_ADDR} !^1234:123:1234::/48
RewriteRule .* http://www.example.com [NC,R=301,L]
The first two RewriteConds are working, the third unfortunately is not :(
Note: replaced my ip with some fake numbers
Thanks!
Fixed it by using a different approach
<Files *>
ErrorDocument 403 http://www.example.com
Order deny,allow
Deny from all
Allow from 12.345.678.901
Allow from 1234:123:1234::/48
</Files>
However I would still like to know why the first option is not working
I currently have my local .htaccess on a MAMP server set up to block all incoming traffic from outside my local system;
<FilesMatch ".*">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
This works fine but I then use API's like PayPal that require access to your site for IPN's. Is it possible to keep the restriction on the rest of the site and allow outside access only to specific urls like https://example.com/paypal_ipn?
I understand I can just switch the restriction off when using IPN's but that's not what I'm looking for. Many thanks.
You can use mod_rewrite based rules instead in your root .htaccess:
RewriteEngine On
RewriteCond %{THE_REQUEST} !/paypal_ipn [NC]
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1
RewriteRule ^ - [F]
This will block all requests that are not:
originating from localhost (127.0.0.1)
for /paypal_ipn
I'm currently trying to redirect my local configured domains to its directories.. What is the best way to achieve this using htaccess?
Currently 'localhost' redirects to /Library/WebServer/Documents/ (mac OSX), i want to create an htaccess file in this directory that will lead all domains to its directory.
Example htaccess code of what I'm looking for:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www.)?example.com/$
RewriteRule ^(.*)$ /Library/WebServer/Documents/example.com/$1 [L]
I hope someone can help me out, think there's an easy fix for this!
Kind regards,
This is not possible with .htaccess alone. You need access to the main server configuration file or at least modify the appropriate virtual host section.
If you can modify the main config file, you can add any number of virtual hosts.
If you're allowed to adjust your virtual host only, you must add as many ServerAlias entries to your virtual host as you have domains.
Then you can add the rewrite rules for the various domains
RewriteEngine On
# prevent endless loop
RewriteCond %{ENV:REDIRECT_STATUS} .
RewriteRule ^ - [L]
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com/$
RewriteRule ^.*$ /Library/WebServer/Documents/example.com/$0 [L]
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com/$
RewriteRule ^.*$ /Library/WebServer/Documents/domain.com/$0 [L]
Try this
# get the server name from the Host: header
UseCanonicalName Off
# include the server name in the filenames used to satisfy requests
VirtualDocumentRoot /var/www/vhosts/%0/httpdocs
<Location /var/www/vhosts>
AllowOverride All
Options +FollowSymLinks
</Location>
Then, you could try these examples:
example.com would show /var/www/vhosts/example.com/httpdocs
example2.com would show /var/www/vhosts/example2.com/httpdocs
Remember to add the domains to your hosts file.
Source