Reputation: 69
.htaccess Allow POST method for ONLY cetain IP ranges
I want a certain range of ips (Canada Country Block IPS) to only be able to use the POST method in my login page (http://www.mysite.com/index.php?m=account_login) and my registration page (http://www.mysite.com/index.php?m=account_register) However i want all ips to have access to my main site http://www.mysite.com/index.php and be able to use the POST method there such as our contact page (http://www.mysite.com/index.php?m=contactus)
Thank you.
<Limit GET POST>
order deny,allow
# Country: CANADA
# ISO Code: CA
# Total Networks: 6,365
# Total Subnets: 79,978,496
allow from 23.16.0.0/16
allow from 23.17.0.0/16
allow from 24.36.0.0/16
allow from 24.37.0.0/16
...
allow from 192.197.216.0/24
allow from 216.254.192.0/19
#
deny from all
</Limit>
Upvotes: 1
Views: 1852
Answers (1)
Reputation: 7888
There is no straight way to implement this but I did this myself with little trick:-D
Limit checks ONLY request method, so there is no way to check file or URL. solution for this is to use FilesMatch directive. BUT here, we have a problem,like I had: QUERY STRING :-(.
Solution for this one is to use RewriteRule
RewriteRule login.html index.php?m=account_login [L,QSA] RewriteRule register.html index.php?m=account_register [L,QSA]
Now, we have everything we want:
<FilesMatch "(login|register)\.html$">
<Limit GET POST>
order deny,allow
# Country: CANADA
# ISO Code: CA
# Total Networks: 6,365
# Total Subnets: 79,978,496
allow from 23.16.0.0/16
allow from 23.17.0.0/16
allow from 24.36.0.0/16
allow from 24.37.0.0/16
allow from 192.197.216.0/24
allow from 216.254.192.0/19
deny from all
</Limit>
</FilesMatch>
RewriteRule (register|login)\.html index.php?m=account_$1&allow=yes [L,QSA]
RewriteCond %{QUERY_STRING} m=account_(register|login)
RewriteCond %{QUERY_STRING} !allow=yes
RewriteRule index\.php - [F,L]
I prefer to create new file for logging in or registering to avoid RewriteRules.
Upvotes: 1
Related Questions
- How to Block an IP address range using the .htaccess file
- How do I allow these two IP ranges in my htaccess file?
- Block POST requests from specific IPs
- Restrict URL by IP range in .htaccess?
- How to block IPs for POST requests, but not GET?
- How to allow IPS from range in htaccess?
- How to block ip range in htaccess using specific RewriteCond
- Block IP address range with .htaccess
- how do i restrict ip block -range- using htaccess?
- IP restriction with htaccess