Trying to redirect a url to another page by IP range
Solution 1
Try this:
RewriteEngine On
RewriteLog "/data/wre/var/logs/modrewrite.log"
RewriteLogLevel 5
RewriteCond %{REMOTE_ADDR} ^192\.168\.10\..* [OR]
RewriteCond %{REMOTE_ADDR} ^72\.139\.201\..* [OR]
RewriteCond %{REMOTE_ADDR} ^129\.233\.4\..* [OR]
RewriteCond %{REMOTE_ADDR} ^208\.118\.97\.32
RewriteRule ^/solutions https://example.com/account/signin?go=outside [NE,NC,R=301]
Note, multiple RewriteCond directives are implicitly AND'd, you need to specify if they should be OR'd instead. If you want the browser to remember the redirection, specifying a permanent redirection might save some future processing.
Depending on your config, it might be easier to specify the Known Good ranges and redirect for everyone else. From the rewrite manual on redirecting foreigners: Apache Manual
RewriteEngine on
RewriteCond %{REMOTE_HOST} !^.+\.ourdomain\.com$
RewriteRule ^/solutions https://example.com/account/signin?go=outside [NE,NC,R=301]
Solution 2
It looks like you are creating a curtain (a sign-in wall, pay-wall, or maintenance-curtain, etc) that all-but a few IP ranges in the internet can get to.
This is what I have done to create such a configuration:
# This implements a maintenance curtain; only these three IPs
# can look behind the curtain. Note its useful to allow the box
# itself too.
#
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !127.0.0.1
RewriteCond %{REMOTE_ADDR} !123.234.45.6
RewriteCond %{REMOTE_ADDR} !123.234.45.78
RewriteCond %{REQUEST_URI} !^/maintenance-curtain/.*
RewriteRule / / [L,R=503]
ErrorDocument 503 /maintenance-curtain/index.html
ProxyPass /maintenance-curtain !
Alias /maintenance-curtain /var/www/maintenance-curtain
And that does look quite similar to yours. I suggest you simplify and test with just one IP first. If the rest if your configuration is fairly complex, it might be getting in the way, so try proving this in a smaller context, or moving it earlier in the configuration. Are virtualhosts getting in the way; do you need to replicate the configuration (use an Include
if you need to do that).
I will say though, that I have (I think) known things like REMOTE_ADDR to not be set in the case where some other module is not enabled.... its been a while since I struck that behaviour... is cgi_module enabled?
Related videos on Youtube
Louie Miranda
Updated on September 17, 2022Comments
-
Louie Miranda almost 2 years
I'm having a bit of a trouble here. I have this several rewrite rules which I think does not work.
My main purpose is to restrict pages and allow only specific IP or network block.
RewriteEngine On RewriteLog "/data/wre/var/logs/modrewrite.log" RewriteLogLevel 5 RewriteCond %{REMOTE_ADDR} !^192\.168\.10\..* RewriteCond %{REMOTE_ADDR} !^72\.139\.201\..* RewriteCond %{REMOTE_ADDR} !^129\.233\.4\..* RewriteCond %{REMOTE_ADDR} !^208\.118\.97\32 RewriteRule ^/solutions https://example.com/account/signin?go=outside [R,NE,NC]
I tested this again and it seems not to work? Did I did something wrong?
-
Admin almost 14 yearsif you want to allow why are you using the
!
in front of the ips ? -
Admin almost 14 yearsI mean allow those IP only? am I doing it wrong?
-
Admin almost 14 yearsif you want to allow those ips you should not use the NEGATIVE
!
in front of it. -
Admin almost 14 yearsWill post another answer below.
-
-
Louie Miranda almost 14 yearsUnder, RewriteCond %{REMOTE_ADDR} ^208\.118\.97\.32 Should I add a dollar sign $ on .32? Making it RewriteCond %{REMOTE_ADDR} ^208\.118\.97\.32$?
-
Grizly almost 14 yearsWell, I thought about that, and it would be an illegal IP to have the last octet of 32[1-9], so I figured it wouldn't make any difference. Up to you.
-
Prix almost 14 yearsWhat i am confused about is, do you want to ALLOW those ips in the question or do you want to block them ? because this answer here does what it is supose to do, it will block those ip.