RewriCond vs. Deny from

Forum Moderators: phranque

Message Too Old, No Replies

RewriCond vs. Deny from

Is there a priority for the "Deny from"?

Marino

9:30 am on Feb 27, 2005 (gmt 0)

Hello,

In my .htaccess, I've got several sets of rules.

RewriteCond %{HTTP_REFERER} (-Ś\.Ś/)foo [NC,OR]
RewriteCond %{HTTP_REFERER} foo(-Ś\.Ś/)
RewriteRule ^(.*)$ %1 [R=301,L]
[...]
Deny from 68.52.19.***

And some referrers like www.foovideo*****.***, the IPs of which are listed in my long "Deny from" section, will be given a 403 instead of a loop on themselves...

Is there a priority for the Deny from directive or what?

[edited by: jdMorgan at 3:50 pm (utc) on Feb. 27, 2005]
[edit reason] Obscured specifics. [/edit]

jdMorgan

3:58 pm on Feb 27, 2005 (gmt 0)

RewriteCond and Deny From are processed by completely-separate Apache modules, namely mod_rewrite and mod_access. The order in which these modules process your .htaccess file is determined by the order in which they appear in the LoadModule list in the server configuration.

Each module processes your .htaccess files, and it handles only the directives that it understands. For this reason, the order in which you specify directives in your .htaccess file only has meaning within the scope of a particular module. The modules are invoked in the reverse order that they are loaded. So for example, if mod_rewrite is loaded first, followed by mod_access, then all mod_access directives will be processed first in the order that they appear in your .htaccess file, followed by all mod_rewrite directives in the order that they appear. But if if you inter-mix the directives for the two modules, that will not change the order in which they are executed.

In most standard Apache configurations, mod_access directives are executed first, followed later by mod_rewrite directives.

Jim

Marino

9:48 am on Mar 2, 2005 (gmt 0)

Wow... Thanks. I'll check with my web hosting co.