<p>This document supplements the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
-<a href="../mod_rewrite.html">reference documentation</a>. It describes
+<a href="../mod/mod_rewrite.html">reference documentation</a>. It describes
how you can use <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> to control access to
various resources, and other related techniques.
This includes many examples of common uses of mod_rewrite,
including detailed descriptions of how each works.</p>
-<p>Note that many of these examples won't work unchanged in your
+<div class="warning">Note that many of these examples won't work unchanged in your
particular server configuration, so it's important that you understand
them, rather than merely cutting and pasting the examples into your
-configuration.</p>
+configuration.</div>
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#blocked-inline-images">Forbidding Image "Hotlinking"</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#blocking-of-robots">Blocking of Robots</a></li>
-</ul><h3>See also</h3><ul class="seealso"><li><a href="../mod/mod_rewrite.html">Module documentation</a></li><li><a href="intro.html">mod_rewrite introduction</a></li></ul></div>
+<li><img alt="" src="../images/down.gif" /> <a href="#host-deny">Denying Hosts in a Blacklist</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#referer-deflector">Referer-based Deflector</a></li>
+</ul><h3>See also</h3><ul class="seealso"><li><a href="../mod/mod_rewrite.html">Module documentation</a></li><li><a href="intro.html">mod_rewrite introduction</a></li><li><a href="remapping.html">Redirection and remapping</a></li><li><a href="vhosts.html">Virtual hosts</a></li><li><a href="proxy.html">Proxying</a></li><li><a href="rewritemap.html">Using RewriteMap</a></li><li><a href="advanced.html">Advanced techniques and tricks</a></li><li><a href="avoid.html">When not to use mod_rewrite</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="blocked-inline-images" id="blocked-inline-images">Forbidding Image "Hotlinking"</a></h2>
initiate from a page on our site. For the purpose of this example,
we assume that our site is <code>www.example.com</code>.</p>
-<div class="example"><pre>
-RewriteCond %{HTTP_REFERER} <strong>!^$</strong>
-RewriteCond %{HTTP_REFERER} !www.example.com [NC]
+
+
+<div class="example"><p><code>
+RewriteCond %{HTTP_REFERER} <strong>!^$</strong><br />
+RewriteCond %{HTTP_REFERER} !www.example.com [NC]<br />
RewriteRule <strong>\.(gif|jpg|png)$</strong> - [F,NC]
-</pre></div>
+</code></p></div>
<p>In this second example, instead of failing the request, we display
an alternate image instead.</p>
-<div class="example"><pre>
-RewriteCond %{HTTP_REFERER} <strong>!^$</strong>
-RewriteCond %{HTTP_REFERER} !www.example.com [NC]
+<div class="example"><p><code>
+RewriteCond %{HTTP_REFERER} <strong>!^$</strong><br />
+RewriteCond %{HTTP_REFERER} !www.example.com [NC]<br />
RewriteRule <strong>\.(gif|jpg|png)$</strong> /images/go-away.png [R,NC]
-</pre></div>
+</code></p></div>
<p>In the third example, we redirect the request to an image on some
- third-party site.</p>
+ other site.</p>
-<div class="example"><pre>
-RewriteCond %{HTTP_REFERER} <strong>!^$</strong>
-RewriteCond %{HTTP_REFERER} !www.example.com [NC]
-RewriteRule <strong>\.(gif|jpg|png)$</strong> http://other.site.com/image.gif [R,NC]
-</pre></div>
+<div class="example"><p><code>
+RewriteCond %{HTTP_REFERER} <strong>!^$</strong><br />
+RewriteCond %{HTTP_REFERER} !www.example.com [NC]<br />
+RewriteRule <strong>\.(gif|jpg|png)$</strong> http://other.example.com/image.gif [R,NC]
+</code></p></div>
<p>Of these techniques, the last two tend to be the most effective
in getting people to stop hotlinking your images, because they will
range, if you are trying to block that user agent only from the
particular source.</p>
-<div class="example"><pre>
-RewriteCond %{HTTP_USER_AGENT} ^<strong>NameOfBadRobot</strong>
-RewriteCond %{REMOTE_ADDR} =<strong>123\.45\.67\.[8-9]</strong>
+<div class="example"><p><code>
+RewriteCond %{HTTP_USER_AGENT} ^<strong>NameOfBadRobot</strong><br />
+RewriteCond %{REMOTE_ADDR} =<strong>123\.45\.67\.[8-9]</strong><br />
RewriteRule ^<strong>/secret/files/</strong> - [<strong>F</strong>]
-</pre></div>
+</code></p></div>
</dd>
<dt>Discussion:</dt>
</dl>
- </div></div>
+ </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="host-deny" id="host-deny">Denying Hosts in a Blacklist</a></h2>
+
+
+
+ <dl>
+ <dt>Description:</dt>
+
+ <dd>
+ <p>We wish to maintain a blacklist of hosts, rather like
+ <code>hosts.deny</code>, and have those hosts blocked from
+ accessing our server.</p>
+ </dd>
+
+ <dt>Solution:</dt>
+
+ <dd>
+<div class="example"><p><code>
+RewriteEngine on<br />
+RewriteMap hosts-deny txt:/path/to/hosts.deny<br />
+RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND [OR]<br />
+RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND<br />
+RewriteRule ^ - [F]
+</code></p></div>
+
+<div class="example"><p><code>
+##<br />
+## hosts.deny<br />
+##<br />
+## ATTENTION! This is a map, not a list, even when we treat it as such.<br />
+## mod_rewrite parses it for key/value pairs, so at least a<br />
+## dummy value "-" must be present for each entry.<br />
+##<br />
+<br />
+193.102.180.41 -<br />
+bsdti1.sdm.de -<br />
+192.76.162.40 -<br />
+</code></p></div>
+ </dd>
+
+ <dt>Discussion:</dt>
+ <dd>
+ <p>
+ The second RewriteCond assumes that you have HostNameLookups turned
+ on, so that client IP addresses will be resolved. If that's not the
+ case, you should drop the second RewriteCond, and drop the
+ <code>[OR]</code> flag from the first RewriteCond.
+ </p>
+ </dd>
+ </dl>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="referer-deflector" id="referer-deflector">Referer-based Deflector</a></h2>
+
+
+
+ <dl>
+ <dt>Description:</dt>
+
+ <dd>
+ <p>Redirect requests based on the Referer from which the request
+ came, with different targets per Referer.</p>
+ </dd>
+
+ <dt>Solution:</dt>
+
+ <dd>
+ <p>The following ruleset uses a map file to associate each Referer
+ with a redirection target.</p>
+
+<div class="example"><p><code>
+RewriteMap deflector txt:/path/to/deflector.map<br />
+<br />
+RewriteCond %{HTTP_REFERER} !=""<br />
+RewriteCond ${deflector:%{HTTP_REFERER}} =-<br />
+RewriteRule ^ %{HTTP_REFERER} [R,L]<br />
+<br />
+RewriteCond %{HTTP_REFERER} !=""<br />
+RewriteCond ${deflector:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND<br />
+RewriteRule ^ ${deflector:%{HTTP_REFERER}} [R,L]
+</code></p></div>
+
+ <p>The map file lists redirection targets for each referer, or, if
+ we just wish to redirect back to where they came from, a "-" is
+ placed in the map:</p>
+
+<div class="example"><p><code>
+##<br />
+## deflector.map<br />
+##<br />
+<br />
+http://badguys.example.com/bad/index.html -<br />
+http://badguys.example.com/bad/index2.html -<br />
+http://badguys.example.com/bad/index3.html http://somewhere.example.com/
+</code></p></div>
+
+ </dd>
+ </dl>
+
+</div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/rewrite/access.html" title="English"> en </a></p>
</div><div id="footer">
-<p class="apache">Copyright 20
09 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
+<p class="apache">Copyright 20
11 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>
</body></html>
\ No newline at end of file
projects / apache / blobdiff