httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Owen Boyle <...@bourse.ch>
Subject Re: mod_rewrite questions
Date Fri, 03 May 2002 10:50:07 GMT
Denis wrote:
> 
> I did try the following, but obviously it matches to generally and denies
> _any_ request.. So how to modify this rule so it will not grab _anything_,
> but rather the illegal proxy requests ?
> 
> RewriteRule !^http://.* - [F]
              ^
what's the "!" for? Are you not negating the pattern match? In the
rewrite guide (http://httpd.apache.org/docs/misc/rewriteguide.html),
there is a "Proxy Deny" section which is exactly what you want. Perhaps
you misread the logic of the rule:

	RewriteCond %{REMOTE_HOST} ^badhost\.mydomain\.com$ 
	RewriteRule !^http://[^/.]\.mydomain.com.*  - [F]

I think this means: If the REMOTE_HOST is badhost, then substitute
anything BUT mydomain to "-" and Forbid it. I.e the "!" before the rule
allows badhost to continue to get access to mydomain.

What you want is even simpler:

 	RewriteRule ^http://*  - [F]

No RewriteCond (it applies to everyone) then any request beginning with
http gets forbidden. Note that real requests to your server are parsed
and so do not arrive with "http" still attached.

By the way, I haven't tested this - this is just my understanding and I
might be wrong. Test it and lettuce no!

Rgds,

Owen Boyle.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message