httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Serediuk <asered...@abebooks.com>
Subject [users@httpd] Blocking Requests Based Off of HTTP Headers
Date Thu, 08 Feb 2007 23:13:42 GMT
Hello all,

 

I am trying to block requests based off of HTTP Headers using a RewriteCond
to a RewriteMap.

 

I have the following:

 

RewriteMap    hosts-deny  txt:/path_to/hosts.deny

RewriteCond   ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR]

RewriteCond   ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND [OR]

RewriteCond   ${hosts-deny:%{true-client-ip}|NOT-FOUND} !=NOT-FOUND

RewriteRule   ^/.*  -  [F]

 

I want to block requests if the REMOTE_HOST, REMOTE_ADDR or true-client-ip
header matches the contents of the hosts.deny file. The hosts.deny file I
have created looks like:

 

192.168.1.2 -

192.168.1.3 -

 

If the REMOTE_HOST or REMOTE_ADDR matches the contents of the hosts.deny
file, the block works. However, if I set an HTTP header for true-client-ip it
does not match. I've tried a number of combinations and cannot get this to
work as expected. I know that the true-client-ip header exists, as I am using
it to log information into a log file successfully.

 

 

--
Adam

 


Mime
View raw message