.htaccess路径只能通过ip访问 [英] .htaccess path only accessible by ip

问题描述

我想使用.htaccess配置阻止我的站点的路径。这个想法是，只有一组特定的IP可以从URL访问特定路径。

注意：这是一个路径，而不是一个页面或目录。我们试图屏蔽网络服务，所以只会发送到网址的呼叫。

我想要url example.com / rest 被阻止，基于IP的URL后面的一切。因此，应该阻止 example.com/rest/test_service 和 example.com/rest/test_service/read p>

应用程序的所有其他路径应该仍然有效。

我以前尝试过但不似乎工作不一样的页面可以这样访问。

  SetEnvIf Request_URI/ rest $rest_uri 
 
< ; RequireAll> 
要求env rest_uri 
< RequireAny> 
需要ip XXX.XXX.XXX.XXX 
< / RequireAny> 
< / RequireAll> 
  

我尝试过不同的东西，但没有一个似乎工作。任何帮助都不胜感激。

解决方案

您可以使用这样的指令来允许某个URL的IP范围：

$如果URL是/ rest或/ rest /
SetEnvIf Request_URI/rest（/.*)?$

订单拒绝，允许

＃首先拒绝所有
从所有

拒绝＃然后允许如果env var未设置
从env =！rest_uri

允许您的IP范围
允许从10.1.0.0/16

I would like to block a path from my site using the .htaccess configuration. The idea is that only a specific set of IP's can access that specific path from the URL.

Note: It's a path, not a page or directory. We are trying to shield off a web-service so there will be only post calls to the URL's.

I would like the url example.com/rest to be blocked and everything behind that url based on IP. So example.com/rest/test_service and example.com/rest/test_service/read should be blocked.

All other paths from the application should remain functional.

What I've tried the following but it doesn't seem to work. Not a single page is accessible like this.

SetEnvIf Request_URI "/rest$" rest_uri

<RequireAll>
    Require env rest_uri
    <RequireAny>
        Require ip XXX.XXX.XXX.XXX
    </RequireAny>
</RequireAll>

I've tried different things but none of them seem to work. Any help is appreciated.

解决方案

You can use directives like this to allow an IP range for certain URL:

# set env variable if URL is /rest or /rest/
SetEnvIf Request_URI "/rest(/.*)?$" rest_uri

Order deny,allow

# first deny all
Deny from all

# then allow if env var is not set
Allow from env=!rest_uri

# also allow your IP range
Allow from 10.1.0.0/16

这篇关于.htaccess路径只能通过ip访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！