On 4/29/2013 2:11 PM, Angela Barone wrote:
On Apr 27, 2013, at 2:25 PM, Jim Albert wrote:
Is your .htaccess at the proper directory level with the resource you
want to block?
If there are .htaccess files at sublevels that could be your problem.
Is .htaccess readable by your apache user?
Is Apache configured for AllowOverride with at minimum Limit at the
appropriate level?
Hi Jim,
All excellent points, but everything is in order.
I may have stumbled upon something. Our ISP has CloudFlare turned on
for this domain and, after a lot of searching, it appears that
CloudFlare changes the IP address of the visitor (I may not be wording
that correctly). Using a PHP scripts, HTTP_X_FORWARDED_FOR gives me my
proper IP address while REMOTE_ADDR is blank. Unfortunately, I still
can't block myself. I've tried:
RewriteCond %{HTTP_X_FORWARDED_FOR} !!=69.163.150.25
RewriteCond %{HTTP_X_FORWARDED_FOR} ^69\.163\.150\.25$
RewriteCond %{REMOTE_ADDR} !!=69.163.150.25
RewriteCond %{REMOTE_ADDR} ^69\.163\.150\.25$
Am I going about this all wrong?
Thank again,
Angela
It sounds like you are saying your ISP is providing you with a reverse
proxy for your web server.
If so, these pages might be helpful:
https://freistil.zendesk.com/entries/21852711-How-can-I-restrict-IP-addresses-in-htaccess-with-the-reverse-proxy-in-front-
http://serverfault.com/questions/235648/apache-use-x-forwarded-for-for-allow
http://httpd.apache.org/docs/2.2/mod/mod_setenvif.html#setenvif
That's not exactly what you would want to do, but possibly something
along those examples except you want to deny.
The idea is you set an environment variable based on some condition you
are checking on... in your case another environment variable and then
deny based on that env being set.
You should check with your ISP to confirm the environment variable in
which they are supplying the real client's IP address unless you are
convinced it is HTTP_X_FORWARDED_FOR.
I'm making some assumptions here so maybe check with your ISP if those
suggestions make sense for your environment.
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org