From: Rich Bowen Date: Thu, 5 Nov 2009 00:43:08 +0000 (+0000) Subject: Relocates another rule. X-Git-Tag: 2.3.3~42 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b7a270f9b4cc7b72b2d32f272c4752701b9cb683;p=thirdparty%2Fapache%2Fhttpd.git Relocates another rule. Please also note that this rule refers to before and after 1.3b6. That's embarrassing. It would be great if someone would apply the relevant changes to the 2.2 and 2.0 docs also. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832935 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/rewrite/access.html.en b/docs/manual/rewrite/access.html.en index 79cdaddb7ce..f65183ab774 100644 --- a/docs/manual/rewrite/access.html.en +++ b/docs/manual/rewrite/access.html.en @@ -37,6 +37,7 @@ configuration.

See also

top
@@ -191,7 +192,59 @@ RewriteRule ^/secret/files/ - [F] -
+
top
+
+

Denying Hosts in a Blacklist

+ + + +
+
Description:
+ +
+

We wish to maintain a blacklist of hosts, rather like + hosts.deny, and have those hosts blocked from + accessing our server.

+
+ +
Solution:
+ +
+
+RewriteEngine on
+RewriteMap    hosts-deny  txt:/path/to/hosts.deny
+RewriteCond   ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND [OR]
+RewriteCond   ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND
+RewriteRule   ^  -  [F]
+
+ +
+##
+##  hosts.deny
+##
+##  ATTENTION! This is a map, not a list, even when we treat it as such.
+##             mod_rewrite parses it for key/value pairs, so at least a
+##             dummy value "-" must be present for each entry.
+##
+
+193.102.180.41 -
+bsdti1.sdm.de  -
+192.76.162.40  -
+
+
+ +
Discussion:
+
+

+ The second RewriteCond assumes that you have HostNameLookups turned + on, so that client IP addresses will be resolved. If that's not the + case, you should drop the second rule, and drop the + [OR] flag from the first RewriteCond. +

+
+
+ +

Available Languages:  en 

top
-

Host Deny

- - - -
-
Description:
- -
-

How can we forbid a list of externally configured hosts - from using our server?

-
- -
Solution:
- -
-

For Apache >= 1.3b6:

- -
-RewriteEngine on
-RewriteMap    hosts-deny  txt:/path/to/hosts.deny
-RewriteCond   ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR]
-RewriteCond   ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND
-RewriteRule   ^/.*  -  [F]
-
- -

For Apache <= 1.3b6:

- -
-RewriteEngine on
-RewriteMap    hosts-deny  txt:/path/to/hosts.deny
-RewriteRule   ^/(.*)$ ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND}/$1
-RewriteRule   !^NOT-FOUND/.* - [F]
-RewriteRule   ^NOT-FOUND/(.*)$ ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND}/$1
-RewriteRule   !^NOT-FOUND/.* - [F]
-RewriteRule   ^NOT-FOUND/(.*)$ /$1
-
- -
-##
-##  hosts.deny
-##
-##  ATTENTION! This is a map, not a list, even when we treat it as such.
-##             mod_rewrite parses it for key/value pairs, so at least a
-##             dummy value "-" must be present for each entry.
-##
-
-193.102.180.41 -
-bsdti1.sdm.de  -
-192.76.162.40  -
-
-
-
- -
top
-

Proxy Deny

diff --git a/docs/manual/rewrite/rewrite_guide.xml b/docs/manual/rewrite/rewrite_guide.xml index 106ca72c325..eba14b6bd03 100644 --- a/docs/manual/rewrite/rewrite_guide.xml +++ b/docs/manual/rewrite/rewrite_guide.xml @@ -1201,61 +1201,6 @@ RewriteRule ^/(.*)$ %1/$1 [E=VHOST:${lowercase:%{HTTP_HOST}}] -
- - Host Deny - -
-
Description:
- -
-

How can we forbid a list of externally configured hosts - from using our server?

-
- -
Solution:
- -
-

For Apache >= 1.3b6:

- -
-RewriteEngine on
-RewriteMap    hosts-deny  txt:/path/to/hosts.deny
-RewriteCond   ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR]
-RewriteCond   ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND
-RewriteRule   ^/.*  -  [F]
-
- -

For Apache <= 1.3b6:

- -
-RewriteEngine on
-RewriteMap    hosts-deny  txt:/path/to/hosts.deny
-RewriteRule   ^/(.*)$ ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND}/$1
-RewriteRule   !^NOT-FOUND/.* - [F]
-RewriteRule   ^NOT-FOUND/(.*)$ ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND}/$1
-RewriteRule   !^NOT-FOUND/.* - [F]
-RewriteRule   ^NOT-FOUND/(.*)$ /$1
-
- -
-##
-##  hosts.deny
-##
-##  ATTENTION! This is a map, not a list, even when we treat it as such.
-##             mod_rewrite parses it for key/value pairs, so at least a
-##             dummy value "-" must be present for each entry.
-##
-
-193.102.180.41 -
-bsdti1.sdm.de  -
-192.76.162.40  -
-
-
-
- -
-
Proxy Deny