Awesome, just trying to understand the syntax of the last SetEnvIf: SetEnvIf let_10161_in ^0$ !let_xuser_in
--> If the env variable let_10161_in is "0" - meaning the request is not from 10.161, unset (make it 0?) the let_xuser_in env variable ? And mod_rewrite for this, how ? Thanks - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Jignesh Badani "Joshua Slive" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 08/23/2006 05:10 PM Please respond to users@httpd.apache.org To users@httpd.apache.org cc Subject Re: [EMAIL PROTECTED] Is this possible ? On 8/23/06, Jignesh Badani <[EMAIL PROTECTED]> wrote: > Hello all, let me try again. > > I have the following restriction in place: > > SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in > SetEnvIf COOKIE ^XSESSION let_xuser_in > > <Location /> > Order Deny,Allow > Deny from all > Allow from env=let_10161_in > Allow from env=let_xuser_in > </Location> > > It basically means users whose X-FORWARDED-FOR contains 10.161 gets in. > Also it allows users who have a Cookie "XSESSION" gets in. > > Now, how do I combine them such that only users with both the conditions > set can get in or otherwise Deny access. > > Meaning, a user has to come from 10.161 and also needs to have a XSESSION > cookie set inorder to get access. > > Can I form such an expression in SetEnvIf ? If so how ? # This next line always matches SetEnvIf Remote_Addr . let_10161=0 SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in=1 SetEnvIf COOKIE ^XSESSION let_xuser_in SetEnvIf let_10161_in ^0$ !let_xuser_in Allow from env=let_xuser_in You can write it in a less obtuse way if you use mod_rewrite. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
