.htaccess and RewriteEngine On

Discussion in 'Installation/Configuration' started by Boon-Dog-Danny, Dec 29, 2008.

  1. Boon-Dog-Danny

    Boon-Dog-Danny New Member

    I'm really confused about the htaccess file I have read a ton of tutorials and forums yet I'm still not able to get this working right,

    RewriteEngine on
    RewriteCond %{HTTP_USER_AGENT} ^-$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^_$ [OR]
    RewriteRule .* - [F]

    that cause server errors..


    anyone know how to add this?
     
  2. Antennipasi

    Antennipasi ISPConfig Developer

    maybe. first you should say what (and why?) you are trying to do, and post here how your .htaccess looks now.
    apache-errors does not hurt eirher...
     
  3. Boon-Dog-Danny

    Boon-Dog-Danny New Member

    im enabling the rewrite in the htaccess file
    do I have to enclose the conditions in a tag?


    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_USER_AGENT} ^-$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^_$ [OR]
    RewriteRule .* - [F]
    </ifModule>
     
  4. Antennipasi

    Antennipasi ISPConfig Developer

    Code:
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_USER_AGENT} ^-$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^_$
    RewriteRule ^.* - [F,L]
    </ifModule>
    this should do the trick. make sure that mod_rewrite is actually enabled. above code will return "Error 403 Forbidden" for matching user agents.
    looks like you are trying to block robots, right?
     
  5. Boon-Dog-Danny

    Boon-Dog-Danny New Member

    those actually block a DoS attack, I went ahead and placed it in my /etc/apache2

    <Directory /var/www/*/web>
    Options +Includes -Indexes
    AllowOverride All
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
    <files ~ "^\.st">
    Order allow,deny
    Deny from all
    Satisfy All
    </files>
    <Files images>
    deny from all
    </Files>
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^-$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^_$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Morfeus.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*revolt.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^.*Toata.*$ [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^libwww-perl [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^libwww-perl/[0-9].[0-9]* [NC,OR]
    RewriteCond %{THE_REQUEST} (\?act\=) [NC,OR]
    RewriteCond %{THE_REQUEST} (sql_login) [NC,OR]
    RewriteCond %{THE_REQUEST} (basepath) [NC,OR]
    RewriteCond %{THE_REQUEST} (libpath) [NC,OR]
    RewriteCond %{THE_REQUEST} (absolute_path) [NC,OR]
    RewriteCond %{THE_REQUEST} (vwar_root) [NC,OR]
    RewriteCond %{THE_REQUEST} (includedir) [NC,OR]
    RewriteCond %{THE_REQUEST} (file=http:\/\/) [NC,OR]
    RewriteCond %{THE_REQUEST} (name=http:\/\/) [NC,OR]
    RewriteCond %{THE_REQUEST} (phpbb_root_path) [NC,OR]
    RewriteCond %{REMOTE_ADDR} ^63\.148\.99\.2(2[4-9]|[34][0-9]|5[0-5])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^63\.226\.3[34]\. [OR]
    RewriteCond %{REMOTE_ADDR} ^63\.212\.171\.161$ [OR]
    RewriteCond %{REMOTE_ADDR} ^65\.118\.41\.(19[2-9]|2[01][0-9]|22[0-3])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^12\.148\.196\.(12[8-9]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^12\.148\.209\.(19[2-9]|2[0-4][0-9]|25[0-5])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^65\.102\.12\.2(2[4-9]|3[01])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^65\.102\.17\.(3[2-9]|[4-6][0-9]|7[01]|8[89]|9[0-5]|10[4-9]|11[01])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^65\.102\.23\.1(5[2-9]|6[0-7])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^128\.242\.197\.101$ [OR]
    RewriteCond %{REMOTE_ADDR} ^64\.140\.49\.6([6-9])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^66\.51\.199\.244$ [OR]
    RewriteRule .* - [F,L]
    </IfModule>
    </Directory>

    seems to be working ok.
     
  6. Boon-Dog-Danny

    Boon-Dog-Danny New Member

    wanted to add in case someone was reading ..I dont think the above code would work, although it would not throw an error either..
    RewriteCond %{HTTP_USER_AGENT} ^_$ <---no [OR] ..rewrite stops here never to go to the next line to fail and last .. no error but no result..
    RewriteRule ^.* - [F,L]
    </ifModule>

    I could be wrong but I have been reading a lot about how it works http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html and I dont think you leave off the last or next condition.. but thanks
     
    Last edited: Dec 30, 2008
  7. Antennipasi

    Antennipasi ISPConfig Developer

    i think you should read that page again. on link you posted search "or next condition". there should not be [OR]- or [AND]-statement in last RewriteCond-line. if you put it on code i sended, it will give error for any useragent, because there is no RewriteConditions anymore. in examplecode mod_rewrite keeps reading until [L] is terminating it in RewriteRule.
     
  8. Boon-Dog-Danny

    Boon-Dog-Danny New Member

    re

    well thats why I said i did not think.. I did re-read the page I see the photo shows nothing, i wonder if [NC] would still be needed.. being host3 could be upper or lowercase http://FOO.COM.. follow? I have other How htaccess works sites that show the or tags all the way as well.. I'm going to try it without it, and if I have trouble I'll just readd it.

    thanks by the way :)
     
  9. Antennipasi

    Antennipasi ISPConfig Developer

    yes i follow :) [NC] could be there, it does no say anything about next condition. [OR] and [AND] are logical operators and logically does not work if there is nothing to operate with. keep on reading and trying, thats what we all have to do.
     

Share This Page