Hello all,
I am trying to block requests based off of HTTP Headers using a RewriteCond
to a RewriteMap.
I have the following:
RewriteMap hosts-deny txt:/path_to/hosts.deny
RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR]
RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND [OR]
RewriteCond ${hosts-deny:%{true-client-ip}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^/.* - [F]
I want to block requests if the REMOTE_HOST, REMOTE_ADDR or true-client-ip
header matches the contents of the hosts.deny file. The hosts.deny file I
have created looks like:
192.168.1.2 -
192.168.1.3 -
If the REMOTE_HOST or REMOTE_ADDR matches the contents of the hosts.deny
file, the block works. However, if I set an HTTP header for true-client-ip it
does not match. I've tried a number of combinations and cannot get this to
work as expected. I know that the true-client-ip header exists, as I am using
it to log information into a log file successfully.
--
Adam
