On Sun, Sep 6, 2009 at 4:54 PM, Markus Wolf<makuswol...@yahoo.com> wrote: > I have directories that contain IP addresses. > > /171.35.110.12_some_characters > /172.30.97.4_some_other_random_characters > > Now I would like to only allow access to a folder in .htaccess when the > referer IP address matches the first part of the directory name.
What do you actually mean with the "referer IP address". The referrer is normally the URL of the page the URL of the current request was found on. It will normally be hostname based, not IP. Furthermore the reffere url is based on a header set by the browser, so it is not a good idea to base security on it, as it is easily manipulated. Or maybe you want to restrict access based on client IP? That is something different, however. > Basically: > > <Directory /171.35.110.12_*> > Order Deny,Allow > Deny from All > Allow from 171.35.110.12 > </Directory> > > I reckon it'd be a bit of an overkill if I created an entry for every > possible IP address. ;) > > Is it somehow possible to automate this restriction by using some sort of > variables? > > Something like this, to catch all existing folders: > > <Directory /($REFERER_IP)_*> > Order Deny,Allow > Deny from All > Allow from ($REFERER_IP) > </Directory> > > If it's possible to do it, what would the exact syntax look like? Well, for startesr, there is no "REFERER_IP" environment variable, and you can't use environment variables in this way anyway. If you want complex authentication you could do something with RewriteRules. But could you first be more clear about what it is you want to achieve' Krist -- krist.vanbes...@gmail.com kr...@vanbesien.org Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
