httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Priya Vadlakonda (Contractor)" <Priya.Vadlako...@ucop.edu>
Subject RE: [users@httpd] IP based redirect with mod_rewrite
Date Fri, 07 May 2010 00:47:02 GMT
 

I think have the solution ..

 

        RewriteEngine on

        RewriteCond %{REMOTE_ADDR) !^(128\.48\.\.+)$

        RewriteCond %{REQUEST_URI) ^*

        Redirect permanent .*  https://.....

 

All this time I was using Rewriterule instead of Redirect and it was failing. I changed it
redirect and at the outset it seems to be working

 

However, I need to test this more extensively, I only get stipulated time to test this since
its pretty busy time.

 

Will let you know if this works without any hiccups.

 

Thanks Charan and Igor for looking into this.

 

/Priya

 

 

From: Priya Vadlakonda (Contractor) [mailto:Priya.Vadlakonda@ucop.edu] 
Sent: Wednesday, May 05, 2010 8:31 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] IP based redirect with mod_rewrite

 

True

The problem is on the fail over environment, we don't have a load balancer and they would
want a solution on Apache so they can implement the same even in the fail over env

I will anyway send the log, may be you have more ideas

Thanks
Priya

________________________________

From: Igor Cicimov 
To: users@httpd.apache.org 
Sent: Wed May 05 18:54:46 2010
Subject: Re: [users@httpd] IP based redirect with mod_rewrite 

Yeah that's what I was suspecting. Because of the F5 masquerading the apache is not getting
the client IP but the one set by F5.

The simplest solution would be to set the rule you need on the F5 load balancer than on apache
server.

 Igor

On Thu, May 6, 2010 at 11:36 AM, Priya Vadlakonda (Contractor) <Priya.Vadlakonda@ucop.edu>
wrote:

If I remember right, I think when I set the log for debugging

The rule does not seem to work as expected and is checking proxy ip instead of client ip

Anyway, to be sure I will set up the rule yet again and send you the log snippet.

Thanks
Priya

________________________________

From: Igor Cicimov 
To: users@httpd.apache.org 
Sent: Wed May 05 18:27:11 2010
Subject: Re: [users@httpd] IP based redirect with mod_rewrite 

I wonder why the %{REMOTE_ADDR} approach is failing? Are you getting a wrong REMOTE_ADDR or
your rule is not working? Can you please post your rewrite rule for that case and appropriate
rewrite logs with RewriteLogLevel set as high as possible for debugging?

You can also try to combine SetEnvIf and mod_rewrite for Remote_Addr parameter but if the
above try is failing this one should be failing too since practically both are checking the
same variable.

Igor 

On Thu, May 6, 2010 at 6:09 AM, Priya Vadlakonda (Contractor) <Priya.Vadlakonda@ucop.edu>
wrote:

Hi

 

How do I set up a rule in Apache( If at all that is possible) to redirect traffic based on
the IP address of the client.

 

Here is the set up of the env

 

There is a reverse proxy (F5 LTM) that does SSL offloading and this is the first point the
user hits and this does load balancing across our Apache Web Servers.

 

So, we have Apache as a proxy server that sits behind the firewall and this is the second
entry point.

 

The problem is I would need to set up a rewrite rule in Apache that diverts user to a web
page depending on the original IP address of the client.

 

We run Apache v2 and use {X-Forwarded-For}i feature that enables us to record the IP address
of the client in the access log.

 

In the access log I get both  the F5 proxy IP and also the original client IP.

 

wsadmin@dolores:/etc/apache2> rpm -qa | grep apache2

apache2-2.0.49-27.38

apache2-worker-2.0.49-27.38

 

Now the condition and rule

 

As soon as the client hits the F5 and the request is sent to Apache, I need Apache to make
a decision by getting the actual client IP and routing to the appropriate web page.

 

Say if the user is accessing a URI /* and the request is coming from within 128.48.0.0/16
or ucop.edu domain

 

I need users to get to https://sseqa.ucop.edu/* 

 

For any other client IP requesting the same URI, Apache should make a decision to re route
the request to a different site https://--------

 

How do I do that?

 

Any support is appreciated.

 

I tried several ways to establish this but each time it fails. I don’t have the failure
logs for one particular attempt.

 

%{REMOTE_ADDR}  

%{HTTP:X-FORWARDED-FOR}

%{REMOTE_HOST}  - When trying for a domain based redirect

 

Thanks

Priya

 

 

 

 

Mime
View raw message