httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <tevans...@googlemail.com>
Subject Re: [users@httpd] .htaccess deny question
Date Thu, 24 Jun 2010 16:35:05 GMT
On Thu, Jun 24, 2010 at 5:22 PM, Industrial Blue
<industrialblue@yahoo.com> wrote:
> Here you are:
>
> order allow,deny
> deny from 12.3.80
> deny from 12.3.81
> ...
> deny from *n\.example.com
> ErrorDocument 403 "This IP is blocked."
> allow from all
>
>
> That's it!  Thanks for any help.
>

That is incorrect syntax. It will be looking for an explicit host name
of '*n\.example.com'. That sort of wildcard expansion is not supported
by Allow/Deny directive, see here for docs:

http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow

If you need to do this sort of access checking (seems a bit nuts to me
- you can escape it by changing your dns name?), then you must follow
the example in the docs of setting an environment variable to denote
whether access should be allowed, and then using that environment
variable to allow/deny access.

Eg:

SetEnvIf Remote_Host *n\.example\.com bad_src_server=1
<Location />
  Order deny,allow
  Deny from env=bad_src_server
</Location>

Cheers

Tom

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message