I need to rewrite this rules (from apache's .htaccess):
<files "*.*">
Allow from 84.47.125.0/19 66.211.160.0/19 216.113.160.0/19
Deny from All
</files>
To lighttpd ones, to allow the access to my /pswd directory only for those IP's:
84.47.125.0/19, 66.211.160.0/19, 216.113.160.0/19
How can I do that in lighttpd?
I've never used lighttpd but I've found this on Google:
http://www.cyberciti.biz/tips/lighttpd-restrict-or-deny-access-by-ip-address.html
It has an example for blocking access for 2 IPs and for blocking a single IP. It should be easily adaptable for you by doing this:
# vi /etc/lighttpd/lighttpd.conf
and then:
$HTTP["remoteip"] !~ "84.47.125.0/19|66.211.160.0/19|216.113.160.0/19" {
$HTTP["url"] =~ "^/pswd/" {
url.access-deny = ( "" )
}
}
Related
i want a change the .htaccess file to hide the url parameters .
I would like to accept urls like
http://www.demo.com/74874 , that means http://www.demo.com?code=74874
You didn't mention what operating system you are using and instruction can vary, plus you didn't say if your are using HTTPD and if mod_rewrite is already installed/enabled. Assuming mod_rewrite is enabled and AllowOverride FileInfo is set in the server config, you could use this in your .htaccess:
RewriteEngine on
RewriteRule ^/([0-9]+) ?code=$1
This will accept any number as the path and rewrite it with the query string. If you want to keep any existing query string parameters, you would need to add [QSA] to the end of the RewriteRule.
If I have a long list of CIDR ranges to block
deny from 107.154.228.0/24
deny from 108.166.232.0/21
deny from 108.166.240.0/21
deny from 108.171.143.0/24
...
Is there a utility I should use to compress this to
deny from 107.154.228.0/24 108.166.232.0/21 108.166.240.0/21 108.171.143.0/24 ...
or should I just write a shell script to do this? I didn't want to re-invent the wheel.
I need to detect subdomain in cakephp. I assume this can be done through .htaccess rules but I'm a newbie and not much knowledge with .htaccess
You dont need to use .htaccess I found the solution using regex.
$url = "abc.yourdomain.com";
preg_match('/^(?:www\.)?(?:(.+)\.)?(.+\..+)$/i', $url, $matches);
$subdomain = empty($matches[1])? '' : $matches[1];
you will get abc in the subdomain, for www.yourdomain.com or yourdomain.com that will be empty
I would like to avoid the direct access to images in a directory. Please let me explain what i need exactly becouse its a little complicated ;)
I have a directory called "member", and in this directory are the member directorys like "thorsten" and in this directory are the images of the members. So my it looks like this:
index.php // The index.php is in the same directory as the member directory ;)
member/thorsten/Thorsten-fTeVtE-Preview-01.jpg
member/thorsten/Thorsten-gZ4Cd3-01.jpg
.htaccess // The .htaccess should be here too :)
As you can see the member thorsten has two images now, one has the Word "Preview" in it and one not. The thing that i need is that i would like to disallow the direct access through an url to the image to all images that has NOT the word "Preview" in the file name.
And another tricky part is that the user directorys like "thorsten" in this example can have any name, for instance there can be also:
member/melanie/Melanie-fh3wxcg-Preview-01.jpg
or
member/conny/Conny-fh3wxcg-Preview-01.jpg
I hope you understand what exactly i mean, the member directory name should be variable ;)
Thanks :)
There are 2 ways to do this
Method 1
When you deny access, even you can't access it through a webpage.
Step 1: Prevent access to mysite.com/member/
Into folder member, create new .htaccess file and add the following lines:
Order Deny,Allow
Deny from all
Step 2: Set up an alternative way to access the files for yourself
Into folder member create file get_image.php and add the following code:
if( !empty( $_GET['name'] ) )
{
$img_name = preg_replace( '#[^-\w]#', '', $_GET['name'] );
$img_file = "{$_SERVER['DOCUMENT_ROOT']}/member/{$img_name}";
if( file_exists( $img_file ) )
{
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );
header( "Content-Disposition: attachment; filename={$img_file}" );
header( 'Content-Type: image/jpeg' );
header( 'Content-Transfer-Encoding: binary' );
readfile( $song_file );
exit;
}
}
And now, you can use this URL to get the song file:
http://mysite.com/member/get_img.php?name=file-name
Method 2 Prevent access selectively.
Use Regex in your htaccess
.*?Preview.*?\.jpg
Something like this (except my RegEx can be wrong)
<FilesMatch "^member\/(?!preview)([a-z0-9]+)$">
Order Deny,Allow
Deny from All
Allow from env=REDIRECT_STATUS
</FilesMatch>
or you can also do this:<Directory /your/www/root>
<FilesMatch "^member/$">
Order Deny,Allow
Deny from All
</FilesMatch>
<FilesMatch "^member/?preview?$">
Order Allow,Deny
Allow from All
</FilesMatch>
</Directory>
Order Deny,Allow
Deny from all
Allow from 158.181.2.89
http://www.myip.ru/get_ip.php?loc= - i see my ip here
and i write it to allow myself only, but others ip to block, i can't understand why i can't allow that ip to enter??
$ip = $_SERVER['REMOTE_ADDR'];
$array = array('192.168.0.1', '212.112.96.6');
if (!in_array($ip, $array)) {
exit("Вход воспрещён <p>Ваш IP ".$ip."</P>");
i have tried this method, but it looks like many times other people have the same ip as me
change
Order Deny,Allow
to
Order Allow,Deny
I do not understand why it is not working.
Although you can try this If you have a static IP.
set Deny from all to Allow from all. remove Allow from 158.181.2.89.
Add this to your .htaccess in DocumentRoot
RewriteEngine on
RewriteBase /
RewriteCond %{REMOTE_ADDR} !xxx\.xxx\.xxx\.xxx
RewriteRule ^ - [F]
F is for forbidden. rerplace the xes in xxx\.xxx\.xxx\.xxx by your corresponding Ip-addr.