homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe and Support WebmasterWorld
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

How to redirect a specific ip address rquesting a specific page

 6:31 pm on Jun 30, 2011 (gmt 0)

I have a competitor who is routinely accessing a "special offers" page on our site and I want to show them a fake version of the page. They are coming in from a static IP address so I want to work off of that. We are on shared hosting at Godaddy, with a Linux server. I can not figure out why the following will not work in my htaccess file. It is the only thing I have in the file, and it brings the site down.

I'm new at this htaccess business and have already spent hours going through Apache documentation, this forum, and anything I could find on the Internet trying to figure out what the problem is, and I'm stuck. Hopefully a fresh set of eyes will spot my error, and thanks in advance for any help provided!

RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_ADDR} ^123\.123\.123\.123$
RewriteCond %{REQUEST_URI} ^/"real offers file name with spaces.html"$
RewriteRule .* /fakeoffersfilenamenospaces.html [R=301,L]



 7:32 pm on Jun 30, 2011 (gmt 0)

Easier would be to use php ..just on the page itself

$competitor = $_SERVER['REMOTE_ADDR'];
if (preg_match("/hisipgoeshere/",$competitor)) {
header('Location: http://www.example.com/fakepage.html');
} else {
header('Location: http://www.example.com/specialofferspage.html');

This has to go right at the top of the page before anything else even before the "doc type" line or it wont work..
He gets the fake page ..everyone else gets the real one..works unless he changes his IP.


 7:48 pm on Jun 30, 2011 (gmt 0)

Toss the RewriteBase line. Won't do any harm, but you don't need it.

Does your page URL really contain spaces? Bad Idea. Among other things, it means that whenever it shows up in any htaccess regex, you have to escape the spaces
"\ "
since a space has meaning in htaccess.

Whether you are dealing with the underlying problem in the most appropriate way is a whole nother thread ;)


 8:14 pm on Jun 30, 2011 (gmt 0)

Redirecting harvesters to an alternative page is a bad administrational decision, which may actually present a further challenge to the harvester, then returning to bite you in the backside, when the harvester begins throwing multiple UA's and/or IP's at you.

It's much more effective for a webmaster (in the long run) to simply deny access.

%{REQUEST_URI} is not required to contain the complete URL and will function based upon anchors (begins with, ends with or contains).
You may even use a solitary keyword of URI when using the "contains" rule.


 12:48 pm on Jul 1, 2011 (gmt 0)

Thank you all for the responses.

Leo- I know even less about php than htaccess, but this sounds interesting. I will need to give it a try if only to try to learn a little more.

Lucy- Yes, spaces. I didn't do it. I suspected that the spaces were a problem and thought the quotes would handle it. Discussing the "underlying problem" would require a LOT of typing!

Wild- The chance of them figuring it out is very small. My first thought was blocking them, or maybe redirect to a page with a "special expletive deleted message" just for them. But as Sun Tzu said in the Art of War, "War is based on deception", so this approach may not be as gratifying but it will be more useful, even if only for a short time.



 3:55 pm on Jul 1, 2011 (gmt 0)

UPDATE- Still stumped, nothing worked!

Leo- tried your php code and it had no effect. We put it at the top of the http://www.example.com/specialofferspage.html page. Should it be somewhere else?

Lucy- we dropped the RewriteBase line and used this:
RewriteCond %{REQUEST_URI} ^/real\ offers\ file\ name\ with\ spaces.html"$
It had no effect. Was I supposed to leave the quotes like this?
RewriteCond %{REQUEST_URI} ^/"real\ offers\ file\ name\ with\ spaces.html"$


 4:07 pm on Jul 1, 2011 (gmt 0)

It should be in the code before the line where you declare the doctype..
It should be the very first thing in the code.


 9:04 pm on Jul 1, 2011 (gmt 0)

It should be in the code before the line where you declare the doctype.
It should be the very first thing in the code.

I think this is happening in htaccess.

After all those spaces, you forgot to escape the period in \.html :)

And if that's a direct cut & paste, you have a superfluous close quote in version #1, so it will never match. In version #2 the quotation marks would have to go before the opening slash. (If you're allowed to use them at all. Don't look at me.)

That's assuming all of this really is a top-level file. If not, you have to leave off the opening anchor so it finds the file no matter where it lives.

Come to think of it, why is the request URI even mentioned as a Condition? You only need to name the Bad Guy (as %{REMOTE_ADDR} or user-agent or however you recognize him), and then proceed directly to the Rule.


 8:22 am on Jul 2, 2011 (gmt 0)

.htaccess solution:

You do NOT want an external REDIRECT. Your code delivers a 302 redirect. The person accessing the page will see "http://www.example.com/fake-page.html" in the address bar of their browser. What you need here is an internal REWRITE.

You do not need to test REQUEST_URI here. Put the URL to be tested in the RewriteRule RegEx pattern.

That is, "RewriteRule .*" says "test every page, image, stylesheet, script request" to see if it matches. You only want to match one specific URL request, so put that one in the RewriteRule RegEx pattern.

The RewriteRule target will be "/fake-page.html" specified without domain name, because you want an internal rewrite not an external redirect.

Add only the [L] flag. Omit the [R] flag. You do not want an external redirect.

The reason the code appears to not work is because your browser caches the response codes and the page content. Clear your browser cache before each test.

PHP solution:

The proposed PHP solution also delivered an external 302 redirect exposing the fake page name. What was needed here was a simple include statement. You deliver the fake page to certain visitors, but you deliver it at the exact same URL they originally requested.


For either method, I would ensure that the page also delivers an expires HTTP header loaded with the current date and time in order to prevent caching:

HEADER ("Date: " . gmDate("D, d M Y H:i:s") . " GMT");
HEADER ("Expires: " . gmDate("D, d M Y H:i:s") . " GMT");


 8:29 pm on Jul 2, 2011 (gmt 0)

g1smd is right ( I wasn't thinking quite devious enough there ;-) ..that php would work better if it ran an "include" rather than redirected via header.


 9:12 pm on Jul 2, 2011 (gmt 0)

This thread also helped clear my thought processes on a related issue. I am building a system that shows an interstitial page to some visitors when some actions are attempted. It all happens with not a redirect or HTTP POST in sight.


 8:20 pm on Jul 7, 2011 (gmt 0)

Hello All,

Thanks for the suggestions, unfortunately I'm still stuck, but I think I'm making progress.

I have my web guy loading the htaccess file from his system, while I test it from mine, using my IP address as the target. Every time I test I'm manually clearing my browser history, cookies and cache.

We tried this (and some other combinations) based on all your comments:

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^123\.123\.123\.123$
RewriteRule .*^/realspecials\.html$ /fakespecials\.html [L]

In testing I never was directed to the fakespecials page, but continued to get the realspecials page.

Seeing as we had gotten rid of all the spaces in the file names so that we wouldn't have to deal with the whole quotes business anymore we decided to go back to the very beginning and we ran this:

RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_ADDR} 123\.123\.123\.123
RewriteCond %{REQUEST_URI} /realspecials\.html
RewriteRule .* /fakespecials\.html [L]

This seems to sort of work. I'm getting an error page that says:

"The requested URL /fakespecials.html was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

Fakespecials is definitely there. In previous tests where I kept getting the realspecials page, if I typed the full path for fakespecials in my browser address bar it would take me there. Now when I do that, I get the error page above. The path to fakespecials appears in my browser address bar, so it appears the first part of the code, the test conditions, are recognizing the target IP and trying to serve up the substitute page, but the problem is in delivering the page.

Again, my humble thanks for any clues provided to help get me to a working solution.


 8:27 pm on Jul 7, 2011 (gmt 0)

The pattern
.*^/ is nonsense.

^ means "begins with" so there cannot be anything before it.

.* pattern is absolutely the wrong thing to use. It means match the entire URL request string, all of it.

There is no need to test REQUEST_URI. The RewriteRule RegEx pattern should do that (sans leading slash).


 9:03 pm on Jul 7, 2011 (gmt 0)

If you are going to use php ..then as g1smd said ..and I forgot :) ..use this

$competitor = $_SERVER['REMOTE_ADDR'];
if (preg_match("/HISIPADRESS/",$competitor))//any IP you want to fool//

include ('fakepage.php');
} else {
include ('realpage.php');


Put the above just after the opening body tag of the real page..

Leave all the rest of the real page headers including titles, metas, etc just they are..

make fakepage.php correspond to the body content for him..
make realpage.php correspond to the body content for every one else..

leave the body area blank apart from the scripts ..so

<head>Real page header</head>
$competitor = $_SERVER['REMOTE_ADDR'];
if (preg_match("/HISIPADRESS/",$competitor))//any IP you want to fool//

include ('fakepage.php');
} else {
include ('realpage.php');


that will work..as long as he doesn't use proxies or his IP doesn't change.

I agree with g1smd re errors (I'd be never be presumptuous/ competent enough to disagree ;)..

IMO you might be paying your web "dev" much more than (s)he is worth ..

and now I'll stop posting php snippets in the apache forum..apologies to all ..especially Jim and g1smd :)..plus there are doubtless real php experts looking ;) and smiling :)

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved