How to restrict access to a url/sub-url based on ip? - .htaccess

I would like https://example.com/wp-json/ and everything underneath that (so /wp-json/xxx as well as /wp-json/xxx/xxx) to be accessible from 2 IP addresses only using the htaccess file.
So at the top of my htaccess file I added:
<RequireAll>
Require all granted
Require ip 111.111.111.111 22.222.222.222
</RequireAll>
But how do I add the condition in htaccess that this only applies to https://example.com/wp-json/ and its subfolders? Something like:
<If url includes https://example.com/wp-json/>
<RequireAll>
Require all granted
Require ip 111.111.111.111 22.222.222.222
</RequireAll>
</If>

<If url includes https://example.com/wp-json/>
<If "%{REQUEST_URI} =~ m#^/wp-json/#">
Reference:
https://httpd.apache.org/docs/current/expr.html

Related

about blocking a country by using .htaccess

I have tried many times, I feel desperate.
I have been able to do this successfully before on Apache 2.2.
Now my environment is Apache/2.4.18 (Ubuntu) Server
I go to https://www.ip2location.com/blockvisitorsbycountry.aspx to generate code
select ipv4
select China
select "Apache 2.4 .htaccess deny"
Then add the code to the bottom of .htaccess.
However, the result is that I cannot access the website whether I use a VPN or not.
I am located in Chinaļ¼Ž
Later, I tried to select another one country, such as Japan, to generate new blocking code.
However, the result was the same, after adding the code into .htaccess.
I also cannot access the website, even though the blocked country is Japan and I am in China.
I doubt the code, what should I do in order to get the right blocking a country code?
Some of the generated code:
<RequireAll>
Require all granted
Require not ip 1.0.1.0/24
Require not ip 1.0.2.0/23
Require not ip 1.0.8.0/21
Require not ip 1.0.32.0/19
Require not ip 1.1.0.0/24
Require not ip 1.1.2.0/23
Require not ip 1.1.4.0/22
:
now,I have solved the problem.
first of all,
the code generated from https://www.ip2location.com/blockvisitorsbycountry.aspx is 100% correct!
the reason why I cannot access the website whether using VPN or not,is that I didnot add the following code to yourdomain.conf to make https(ssl) url also support rewrite.
<VirtualHost *:443>
.......
<Directory "/var/www/html/yourdomainname/public_html">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Another solution using GeoIP and .htaccess
I have hostinger server
To enable GeoIP, all you have to do is add the following line to your .htaccess file:
GeoIPEnable On
Once added, you can verify if it's working by creating a PHP Info file and checking the PHP Variables section:
Image showing GeoIP is enabled in your server
How to use it?
To block access for perticular file in Britain, US and India:
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(GB|US|IN)$
RewriteRule (wp-login|xmlrpc).php$ - [F,L]
To allow access for whole website in Canada, UAE and India:
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(CA|AE|IN)$
RewriteRule ^(.*)$ - [F,L,QSA]

Nagios web interface access without slash at localhost

How can I access the Nagios web interface without using the slash on a local host?
For example, when typing the IP address i need to access nagios. In other words, I don't want to use the slash, as follows: 192.168.123.122/nagios
I think what you're looking for is a base URL redirect match within Apache.
With that, going to http://192.168.123.122 will redirect you to http://192.168.123.122/nagios
In the file:
/etc/apache/apache2.conf
Add the following lines
<Directory />
Options FollowSymLinks
AllowOverride None
RedirectMatch ^/$ /nagios
</Directory>
Restart Apache and you should be good to go.

Intranet IP Lockdown

I only want people to access the intranet from my IP.
I have searched different blogs as well but not get more.
I just want my website to be accessed by just my IP address to make it secure. I need an intranet that can be locked down by IP.
Try adding this to the .htaccess file in your web document root folder (often public_html or htdocs), changing the 999... to your IP address:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^999.999.999.999
RewriteRule ^ - [F]
This assumes that mod_rewrite is both installed and activated for htaccess files.
If you are not sure, to check if mod_rewrite is installed, look at the list of installed modules in the output of phpinfo();
By default, mod_rewrite is not enabled for htaccess files. If you are managing your own server, open httpd.conf
and make sure that the webroot directory block contains one of these lines: AllowOverride FileInfo or AllowOverride All

Protect restrict Solr Admin url from external user using .htaccess or tomcat

I have recently installed Solr on server and i want to restrict only local users can access it with .htaccess
site.com:8983/solr/admin [ restrict all user]
And below is the .htaccess code
RewirteRule on
<FilesMatch "127.0.0.1:8983/solr/admin">
Order Deny, Allow
Deny form all
Allow 127.0.0.1
</FilesMatch>
Or is there any method we can protect / restrict Solr Admin on site.com:8983/solr/admin accessing from other users
Only local ip users can use it..
And i tried this one, but its not working.
Your <FilesMatch "127.0.0.1:8983/solr/admin"> line will never match anything because you've stuck the hostname and port in the regular expression. Try using the Location container instead:
<Location "/solr/admin">
Order Deny, Allow
Deny from all
Allow 127.0.0.1
</Location>
Or better yet, Directory:
<Directory "/path/to/your/document/root/solr/admin">
Order Deny, Allow
Deny from all
Allow 127.0.0.1
</Directory>
You'll need to fill in the full path to the solr/admin directory.
Get rid of the RewirteRule on line, it doesn't do anything and it's not even spelled right and will cause a 500 error.
However, neither of these directives can be use in an htaccess file. You need to use these in either the server of vhost config. If you must use an htaccess file, then create an htaccess file in your solr/admin directory and simply put these directives in it:
Order Deny, Allow
Deny from all
Allow 127.0.0.1
Or, in the htaccess file in your document root:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !127.0.0.1
RewriteRule ^/?solr/admin - [L,F]
Check following links. Hope they will help you.
Restrict Solr Admin Access
Solr Security
Securing Solr administrative console
How to protect Apache Solr admin console

Block file from accessing using .htaccess for a subdomain

I have a website for e.g.
www.domain.com
And I have another subdomain for e.g.
test.domain.com
Both my main and subdomain point to same directory which is public_html.
I want to block access to
test.domain.com/test.jpg
but not
domain.com/test.jpg
Please note that this test.jpg is same file for both main and subdomain as they both point to same directory. So how do I block it for subdomain but not for main domain using .htaccess? Or is there any other way of doing that?
Thanks
An .htaccess file will be used regardless of the virtual host (unless explicitly deactivated using AllowOverride None), therefore you'll have to put:
<Files /full/path/to/test.jpg>
Deny From All
</Files>
in the apache configuration file inside the test.domain.com virtual host configuration.

Resources