RewriteCond %{REMOTE_ADDR} does not appear to work

skewray

skewray

New Member
#1
#1
I would like to reject http requests that mimic a browser but come from the cloud. For Apache, this might be (for one IP range),

RewriteCond %{REMOTE_ADDR} 3.0.0.0/9
RewriteCond %{HTTP_USER_AGENT} Mozilla
RewriteRule ^.* "-" [F]

However, the first RewriteCond doesn't appear to work In LiteSpeed Enterpise; stuff gets through. Am I missing something, or is the REMOTE_ADDR syntax not fully implemented?

(An IP range does work for "Deny from", but that knocks out legitimate traffic.)
 
serpent_driver

serpent_driver

Well-Known Member
#2
#2
CIDR-Notation doesn't work in modRewrite because CIDR-Ranges don't understand REMOTE_ADDR in modRewrite.

Try this:

Apache config: 
RewriteCond %{REMOTE_ADDR} ^3\.(\d|[1-9]\d|1[01]\d|12[0-7])\.
RewriteCond %{HTTP_USER_AGENT} Mozilla
RewriteRule ^.* - [F]

or if you don't need User-Agent:

Apache config: 
<RequireAll>
    Require not ip 3.0.0.0/9
</RequireAll>
 
Last edited:
You must log in or register to reply here.
Top