No, just post your new rule if necessary.

I'd guess you need to add an exclusion to your rule to *allow* the troublemakers to fetch your "special" pages and any images or other stuff included on them. In general terms:

RewriteCond %{REMOTE_ADDR} ^192\.34\.56\.76$ [OR]
RewriteCond %{REMOTE_ADDR} ^12\.43\.65\.10$ [OR]
RewriteCond %{REMOTE_ADDR} ^10\.19\.1\.253$
RewriteCond $1 !^server_down
RewriteRule ([^.]+)\.html$ /server_down.html [L]

If you don't do this, then any attempt to fetch the server_down.html page would result in yet another rewrite to the server_down.html page, creating a loop.

Jim

Oh, ding dong! As soon as you said that, it made perfect sense. What a dingbat I am. LOL. Of course it's going to go nuts like that.

BTW the poster I mentioned above said you were the king of this stuff. I'd have to say I agree....fast and you flipped on the light switch.

Would it be easier on the server if I did the exclusion, or if I did this: I need to do this on two domains (that share the same server), so I send him from domain to domain.

Like this:

IP in the list, redirect from site1.com to site2.com/server_down.html and vice versa.

Or does it matter?

Thanks so much!

BTW, in reading through some stuff here, I found an easier way to do an IP range without all the backslashes...I had a list of about 12 ranges, and it was making me dizzy. I found this shortcut in this thread
[webmasterworld.com...]

do you see anything wrong with this? (shortened and still includes test IP)

RewriteCond %{REMOTE_ADDR} 72.255.[25..35].* [OR]
RewriteCond %{REMOTE_ADDR} 65.8.[200..235].* [OR]
RewriteCond %{REMOTE_ADDR} 75.0.[30..35].* [OR]
RewriteCond %{REMOTE_ADDR} 24.46.[161..162].*
RewriteRule /* [domain.com...] [L,R]

> any thing wrong...?

Yes, what's wrong is that it won't work. The backslashes are not optional, and [0..83] is not valid syntax. From the thread you cited:

I should have mentioned:

62.194.[0..83].* is pseudocode, and not the correct syntax for a SetEnv or deny. The regex posted above by jdMorgan is the correct way to express it.

It is important to remember that regular expressions work on character strings; Regex has no knowledge that the character range [0-9] has any numerical meaning; it simply recognizes that notation to mean "match any character in the range of characters from '0' to '9'".

Therefore, it is rather cumbersome to code for IP address ranges using regular expressions, but it can be done if you are careful.

Taking your ranges as an example:

RewriteCond %{REMOTE_ADDR} ^72\.255\.(2[5-9]¦3[0-5])\. [OR]
RewriteCond %{REMOTE_ADDR} ^65\.8\.(2[012][0-9]¦23[0-5])\. [OR]
RewriteCond %{REMOTE_ADDR} ^75\.0\.3[0-5]\. [OR]
RewriteCond %{REMOTE_ADDR} ^24\.46\.16[12]\.
RewriteRule !^crashed\.shtml$ /crashed.shtml [L] 

And again, don't use a redirect, because it will reveal what is going on by sending a redirect response to the client's browser, where it can be detected and inspected... Reveal nothing to your enemies; Information is power.

Replace all broken pipe "¦" characters above with solid pipes before use; Posting on this forum modifes the pipe character.

Jim

Okay, I keep calling it a redirect, because I actually thought that's what it was doing. (I know zero about mod rewrite, but I bet you knew that) I understand what it's doing now.

This is all way beyond this troll's computer capability, but eventually he'll figure out the sites aren't really down for repairs. But it should buy me some time, in which I'm hoping he'll find someone else to bother. If not, the good news is that he's entirely predictable and has no idea how much information a web surfer gives to the webmaster.

Thank you greatly for such help on this...I'll be able to get those ranges straight now.

Juls

What you coded was an external redirect, by virtue of the canonical URL and [R] flag on the end or the RewriteRule. I changed it to an internal rewrite.

An internal rewrite simply changes the filepath associated with a URL: Instead of serving the content of the 'expected' file indicated in the requested URL, we rewrite the request so that the server serves the content of a different file. No indication is given to the client that this is occurring.

An external redirect is a completely-different matter: Instead of serving the requested content, the server generates an HTTP redirect response, sending a message back to the client (browser, robot, etc.) that the requested content has moved to a different URL provided in that redirect response, and must be requested from that new URL. It is then up to the client to re-request the desired resource from the new URL. So every redirect to a URL on your own site means that a second HTTP request will be needed for the client to receive the requested information. It also means that the client is "aware" of the redirect, and in fact, a browser will change the URL in its address bar when it receives a redirect and begins to re-request the resource, revealing to any attentive user that a redirect is taking place.

I hope that explains it a bit...

Jim