httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Serediuk <>
Subject [users@httpd] Blocking Requests Based Off of HTTP Headers
Date Thu, 08 Feb 2007 23:13:42 GMT
Hello all,


I am trying to block requests based off of HTTP Headers using a RewriteCond
to a RewriteMap.


I have the following:


RewriteMap    hosts-deny  txt:/path_to/hosts.deny

RewriteCond   ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR]

RewriteCond   ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND [OR]

RewriteCond   ${hosts-deny:%{true-client-ip}|NOT-FOUND} !=NOT-FOUND

RewriteRule   ^/.*  -  [F]


I want to block requests if the REMOTE_HOST, REMOTE_ADDR or true-client-ip
header matches the contents of the hosts.deny file. The hosts.deny file I
have created looks like: - -


If the REMOTE_HOST or REMOTE_ADDR matches the contents of the hosts.deny
file, the block works. However, if I set an HTTP header for true-client-ip it
does not match. I've tried a number of combinations and cannot get this to
work as expected. I know that the true-client-ip header exists, as I am using
it to log information into a log file successfully.





View raw message