I think that this is a 'quite a basic question' but how do I allow two IP Addresses to permit entry:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
# ENTER IP HERE
RewriteCond %{REMOTE_ADDR} !^134.139.212.198$
RewriteRule ^(.*)$ - [R=403,L]
</IfModule>
Can I just simply copy paste the line below where it says # ENTER IP HERE
I just want to know how to do it properly.
Thank you!
It's just copied and paste the same line.
Option #1: define all IP
Here's the only way to do it:
Allow from 145.50.39.8
Allow from 145.50.39.9
Allow from 145.50.39.10
Allow from 145.50.39.11
Allow from 145.50.39.12
Allow from 145.50.39.13
Allow from 145.50.39.14
Allow from 145.50.39.15
Allow from 145.50.39.16
Allow from 145.50.39.17
Option #2: use a partial IP
If you want something more generic, you can use a partial IP:
Allow from 145.50.39
But this will allow IP from 145.50.39.0 to 145.50.39.255.
Option #3: use a netmask or a CIDR
To get even closer, you can use a netmask or a CIDR:
Allow from 145.50.39.0/255.255.255.224
or
Allow from 145.50.39.0/27
This will allow IP from 145.50.39.0 to 145.50.39.31.
Related
Sorry if this is a duplicate: I found many questions about caching system, but my problem seems to tied to the fact that the whole script is working within a subfolder.
All I need to do is implementing a simple caching system for my website, but I can't get this to work.
Here's my .htaccess file (widely commented to be clear - sorry if too many comments are confusing):
RewriteEngine on
# Map for lower-case conversion of some case-insensitive arguments:
RewriteMap lc int:tolower
# The script lives into this subfolder:
RewriteBase /mydir/
# IMAGES
# Checks if cached version exists...
RewriteCond cache/$1-$2-$3-{lc:$4}.$5 -f
# ...if yes, redirects to cached version...
RewriteRule ^(hello|world)\/image\/([a-zA-Z0-9\.\-_]+)\/([a-zA-Z0-9\.\-_]+)\/([a-zA-Z0-9\.\-_\s]+)\.(png|gif|jpeg?|jpg)$ cache/$1-$2-$3-{lc:$4}.$5 [L]
# ...if no, tries to generate content dynamically.
RewriteRule ^(hello|world)\/image\/([a-zA-Z0-9\.\-_]+)\/([a-zA-Z0-9\.\-_]+)\/([a-zA-Z0-9\.\-_\s]+)\.(png|gif|jpeg?|jpg)$ index.php?look=$1&action=image&size=$2&data=$3&name=$4&format=$5 [L,QSA]
# OTHER
# This is always non-cached.
RewriteRule ^(hello|world)\/([a-zA-Z0-9\.\-_\s]+)\/([a-zA-Z0-9\.\-_\s]+)?\/?$ index.php?look=$1&action=$2&name=$3 [QSA]
Now, the issue is that the RewriteCond seems to be always failing, as the served image is always generated by PHP. I also tried prepending a %{DOCUMENT_ROOT}, but is still not working. If I move the whole script to the root directory, it magically starts working.
What am I doing wrong?
Well one thing that you are doing wrong is trying to use a rewrite map in an .htaccess file. in the first place. According to the Apache documentation:
The RewriteMap directive may not be used in <Directory> sections or .htaccess files. You must declare the map in server or virtualhost context. You may use the map, once created, in your RewriteRule and RewriteCond directives in those scopes. You just can't declare it in those scopes.
If your ISP / sysadmin has already defined the lc map then you can use it. If not then you can only do case-sensitive file caching on Linux, because its FS naming is case sensitive. However, since these are internally generated images, just drop the case conversion and stick to lower case.
%{DOCUMENT_ROOT} may not be set correctly at time of mod_rewrite execution on some shared hosting configurations. See my Tips for debugging .htaccess rewrite rules for more hints. Also here is the equivalent lines from my blog's .htaccess FYI. The DR variable does work here, but didn't for my previous ISP, to I had to hard-code the parth
# For HTML cacheable blog URIs (a GET to a specific list, with no query params,
# guest user and the HTML cache file exists) then use it instead of executing PHP
RewriteCond %{HTTP_COOKIE} !blog_user
RewriteCond %{REQUEST_METHOD}%{QUERY_STRING} =GET [NC]
RewriteCond %{DOCUMENT_ROOT}html_cache/$1.html -f
RewriteRule ^(article-\d+|index|sitemap.xml|search-\w+|rss-[0-9a-z]*)$ \
html_cache/$1.html [L,E=END:1]
Note that I bypass the cache if the user is logged on or for posts and if any query parameters are set.
Footnote
Your match patterns are complicated because you are not using the syntax of regexps: use the \w and you don't need to escape . in [ ] or / . Also the jpeg isn't right is it? So why not:
RewriteRule ^(hello|world)/image/([.\w\-]+)/([.\w\-]+)/([\w\-]+\.(png|gif|jpe?g))$ \
cache/$1-$2-$3-$4 [L]
etc.. Or even (given that the file rule will only match for valid files in the cache)
RewriteRule ^(hello|world)/image/(.+?)/(.+?)/(.*?\.(png|gif|jpe?g))$ \
cache/$1-$2-$3-$4 [L]
The non-greedy modifier means that (.+?) is the same as ([^/]+) so doing hacks like ../../../../etc/passwd won't walk the file hierarchy.
My website is getting bombarded with requests that are referred from an IP address.
[Sat Dec 14 22:03:14 2013] [error] [client XXX.XX.XX.XX] client denied
by server configuration: /home/user/public_html/folder/folder/,
referer: http://XXX.XXX.XXX.XXX/
You see the referrer isn't a domain name like a legit refer would be, instead it's from an IP and it bombards my website thousands of times. I have blocked the IP address and similar ones like this:
RewriteCond %{HTTP_REFERER} XXX\.XXX\.XXX [NC]
RewriteRule .* - [F]
But how can I block all referrers coming from an IP address? As far as my website is concerned the vast majority if not every single user will visit my site from a domain refer not IP address. Only a visitor with malicious intent will come vis IP refer as I am experiencing now.
RewriteCond %{HTTP_REFERER} *\.*\.* [NC]
RewriteRule .* - [F]
I tried this thinking it would work but it doesn't. I thought maybe this would be a wild card for each set of digits. But it gave a large amount of errors in the logs...
If you want to match any string that is formed like an ip address it will look something like
[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1-3}\.[0-9]{1,3}
the regex for "1 to 3 digits, four times, separated by period". Obviously you could test for just three groups of digits, but that's the general idea. A shorthand for [0-9] is \d "any digit" - and since the first three groups are the same (up to three digits followed by period) you can make the expression more compact by grouping them.
That means you might want to try this
RewriteCond %{HTTP_REFERER} (\d{1,3}\.){3}\d{1,3} [NC]
RewriteRule .* - [F]
Order Deny,Allow
Deny from all
Allow from 158.181.2.89
http://www.myip.ru/get_ip.php?loc= - i see my ip here
and i write it to allow myself only, but others ip to block, i can't understand why i can't allow that ip to enter??
$ip = $_SERVER['REMOTE_ADDR'];
$array = array('192.168.0.1', '212.112.96.6');
if (!in_array($ip, $array)) {
exit("Вход воспрещён <p>Ваш IP ".$ip."</P>");
i have tried this method, but it looks like many times other people have the same ip as me
change
Order Deny,Allow
to
Order Allow,Deny
I do not understand why it is not working.
Although you can try this If you have a static IP.
set Deny from all to Allow from all. remove Allow from 158.181.2.89.
Add this to your .htaccess in DocumentRoot
RewriteEngine on
RewriteBase /
RewriteCond %{REMOTE_ADDR} !xxx\.xxx\.xxx\.xxx
RewriteRule ^ - [F]
F is for forbidden. rerplace the xes in xxx\.xxx\.xxx\.xxx by your corresponding Ip-addr.
I am switching system from a MVC to a custom code system. Currently we are using this format for urls:
index.php?part=CAPACITOR&type=CERAMIC&model=0805&page=spec
I need now to rewrite urls like to be more nice for user like
mysitecom/CAPACITOR/
mysitecom/CAPACITOR/CERAMIC/
mysitecom/CAPACITOR/CERAMIC/0805/spec.html#2
where #1 and #2 are the pages loaded in jquery. The developer use the old way using /index.php/CAPACITOR/CERAMIC/0805/spec.html
Because I don't think using the index.php in the url is good, what can I do to make this better?
Here's what you need to use
RewriteEngine On
RewriteBase /
RewriteRule ^([a-z0-9\-_]+)/?$ index.php?part=$1&type=all&model=all&page=index [L,NC]
RewriteRule ^([a-z0-9\-_]+)/([a-z0-9\-_]+)/?$ index.php?part=$1&type=$2&model=all&page=index [L,NC]
RewriteRule ^([a-z0-9\-_]+)/([a-z0-9\-_]+)/([a-z0-9\-_]+)/?$ index.php?part=$1&type=$2&model=$3&page=index [L,NC]
RewriteRule ^([a-z0-9\-_]+)/([a-z0-9\-_]+)/([a-z0-9\-_]+)/([a-z0-9\-_\.]+)\.html$ index.php?part=$1&type=$2&model=$3&page=$4 [L,NC]
So when a folder (example CERAMIC) is not provided you can add a flag to load all, same idea for model. It means that if only the first part is provided only he first rule will be used. As of the page.html by default you can load the index.
Now, a-z0-9\-_ means any letters, numbers, dashes and underscore ONLY. You can use ([^/]+) if you prefer that will allow you to use more characters.
The L mean last meaning if the rule match, it will stop. NC means non case so A = a or ABC = abc.
I would really appreciate anyone's help with a mod_rewrite question. I don't know regex and am not familiar with .htaccess directives, so I can't think of how to solve the problem I am having.
Below is a description of what I am trying to accomplish...
3 websites:
http://www.example.com/ or http://example.com/
http://east.example.com/
http://west.example.com/
Have pages on main site that need to be redirected to other sites:
http://www.example.com/location1
http://www.example.com/location2
http://www.example.com/location3
http://www.example.com/location4
http://www.example.com/location5
http://www.example.com/location6
Need to redirect some pages to one website based on location, e.g http://east.example.com/:
http://www.example.com/location1 redirect to http://east.example.com/location1
http://www.example.com/location2 redirect to http://east.example.com/location2
http://www.example.com/location3 redirect to http://east.example.com/location3
(also without www) e.g.
http://example.com/location1 redirect to http://east.example.com/location1
Need to redirect some pages to another website based on location, e.g http://west.example.com/:
http://www.example.com/location4 redirect to http://west.example.com/location4
http://www.example.com/location5 redirect to http://west.example.com/location5
http://www.example.com/location6 redirect to http://west.example.com/location6
(also without www) e.g.
http://example.com/location4 redirect to http://west.example.com/location4
Want a rewrite rule that works like:
If domain name is www.example.com or domain name is example.com
And domain name is not east.example.com
And domain name is not west.example.com
And "somelocation" (in the east) is in the URL
Then Rewrite(Redirect) URL to http://east.example.com/.../somelocation/.../somepage
NOTE: the three websites actually share the same codebase, so the URLs all point to the same location/.htaccess file. So, I tried using a basic redirect, and ended up with an error that said... can't open page because of too many redirects.
If anyone knows the answer and can help with this, I would really appreciate the help!
EDIT: Example of expected results
Original URL:
"http://www.example.com/locations/eastend-web-page"
Rewritten URL:
"http://east.example.com/locations/eastend-web-page"
Please try to fill a rewritemap file (see here) to make a correspondance with the URLs that are part of your "east" domain. You may declare it like this:
RewriteMap mapmaintoeast \
dbm:/web/htdocs/yoursite/rewriterules/mapmaintoeast.map
Regarding your sample, your map file may be filled with things like:
eastlocation1 mainlocation1
eastlocation2 mainlocation2
eastlocation3 mainlocation3
...
I've called them 'east' and 'main' to distinguish clearly. These examples are supposed to be URLs.
Do the same for west:
RewriteMap mapmaintowest \
dbm:/web/htdocs/yoursite/rewriterules/mapmaintowest.map
In that file:
westlocation1 mainlocation4
westlocation2 mainlocation5
westlocation3 mainlocation6
...
Then here you go for the hard part:
# This cond put any non-empty string into "%1" (= parenthesis + first cond):
RewriteCond %{QUERY_STRING} (.+)
# The following rule doesn't touch the URL, but
# will try to search into the map file and
# create fill an environment variable called MAINTOEAST with the
# string found and if not found, assign MAINTOEAST to "notfound"
RewriteRule . - [QSA,E=MAINTOEAST:${mapmaintoeast:%1|notfound}]
# if MAINTOEAST not empty and different from "notfound":
RewriteCond %{ENV:MAINTOEAST} !^$
RewriteCond %{ENV:MAINTOEAST} !(notfound)
# ok found => redirect to east:
RewriteRule (.*) http://east.example.com$1 [QSA,R=301,L]
# Now do the same with west (no comments needed (see previous)):
RewriteCond %{QUERY_STRING} (.+)
RewriteRule . - [QSA,E=MAINTOWEST:${mapmaintowest:%1|notfound}]
RewriteCond %{ENV:MAINTOWEST} !^$
RewriteCond %{ENV:MAINTOWEST} !(notfound)
RewriteRule (.*) http://west.example.com$1 [QSA,R=301,L]
This should work.
I hope I've given you enough clues to finish the job ;)
If you don't have enough clues...
Two hints:
Please try to use the RewriteLog directive: it helps you to track down such problems:
# Trace:
# (!) file gets big quickly, remove in prod environments:
RewriteLog "/web/logs/mywebsite.rewrite.log"
RewriteLogLevel 9
RewriteEngine On
My favorite tool to check for regexp:
http://www.quanetic.com/Regex (don't forget to choose ereg(POSIX) instead of preg(PCRE)!)
RewriteEngine On
# If domain name is www.example.com or domain name is example.com
RewriteCond %{HTTP_HOST} ^(www\.)?example.com$ [NC]
# And "somelocation" (in the east) is in the URL,
# Then Rewrite(Redirect) URL to http://east.example.com/.../somelocation/.../somepage
RewriteRule ^(.*somelocation.*)$ http://east.example.com/$1 [R,L]
You'd need to do the same thing for west. Note that if the domain name is www.example.com or example.com, it cannot be east.example.com or west.example.com