There is no support for "including" an external file in mod_setenvif, or in .htaccess itself.

If you have server configuration-level privileges so that you can modify httpd.conf or conf.d, for example, then you can define a RewriteMap function in mod_rewrite in the config file, and access that map from .htaccess using the rewritemap-access method of RewriteCond and RewriteRule.

Otherwise, I'd suggest implementing your access controls as a script included on your pages, or writing a script to serve your pages by checking access controls and then reading and sending their content.

Another possibility is to write a script that takes your ban-list text file as input, and creates or prepends mod_setenvif directives to your existing .htaccess file, based on manual invocation or a periodic cron job.

Jim

I got it. I created a php script on every one of my pages that checks the banlist.txt file. If the IP address is in the list it opens a page that goes no where and emails me.

I like this method rather than filling up my htaccess file with deny from IPs.

Thanks for the advice/response.

Now I just need a way to catch the spam bots that try to post to my PHPBB forum. Any ideas?

Instead of posting directly to the PHPbb forum script, have the POST go to a script that implements the filters you need, and then posts the data to the forum. I'd suggest filtering for REMOTE_ADDR, REMOTE_HOST, and X_FORWARDED_FOR, as well as filtering all 'special characters' out of the post data itself, such as HTML tags and redirection pipes (this latter may already be done by PHPbb -- I'm not a forum owner, so I'm not sure).

Jim