stoneh
Reputation: 1
RewriteCond for ipv6 subnet under .htaccess
i'm having a question related to ipv6 address that reach a website. The apache logs, shows clients x-forward ips under ipv4 and ipv6
This website is protected under .htaccess via a ipv4 whitelist for each allowed subnet.
Example :
RewriteCond %{HTTP:X-FORWARDED-FOR} !^123\.45\.67
RewriteCond %{HTTP:X-FORWARDED-FOR} !^123\.45\.68
RewriteCond %{HTTP:X-FORWARDED-FOR} !^123\.45\.69
How can i do the same for a ipv6 prefix , since the following does not seems to work
RewriteCond %{HTTP:X-FORWARDED-FOR} !^\[1234:123:123::/48\]
If i specify the ipv6 client ip in the rewritecond it works. But only for a period of time until his ipv6 address gets renewed.
Upvotes: 0
Views: 892
Answers (1)
julp
Reputation: 4010
Could you try:
RewriteCond expr "! %{HTTP:X-FORWARDED-FOR} -ipmatch '1234:123:123::/48'"
It implies Apache >= 2.4, native (meaning without the use of an expression) RewriteCond does not handle IP range/CIDR notation.
Upvotes: 1
Related Questions
- Only allow IPv6 addresses in Apache
- Matching IPv6 address to a CIDR subnet
- RewriteRule with an IPv6 IP address does not work
- Apache rewrite subnet ip range
- .htaccess Deny From All - IPv6 & Domains Not Allowing
- htaccess simulate rewritecond IF..ELSE against ip address
- IP redirect IPv6 HTTP:X-FORWARDED-FOR
- How to block ip range in htaccess using specific RewriteCond
- htaccess mod_rewrite allow ipv6
- htaccess redirecting by ip range