1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:24 pm May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

Rewriting REMOTE HOST: Hyphenated address/array split

Possible to do with regex?

         

Pfui

7:23 pm on Apr 30, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Greetings from a regex-challenged Web geek. Here's hoping someone can please help me rewrite two separate, obsessively relentless message board troublemakers, each of which hails from a semi-dynamic IP -- apparently newly-generated every few days (on re-boot?) -- and both are in a BIG geo area (Los Angeles).

1.) CULPRITS:
Here are obfuscated examples, with yyy and zzz being numbers --

Troublemaker A, e.g.:
adsl-71-134-yyy-yyy.first.example.pacbell.net
adsl-71-135-zzz-zzz.secondt.example.pacbell.net

Troublemaker B, e.g.:
pool-71-105-yyy-yyy.first.example.verizon.net
pool-71-106-zzz-zzz.second.example.verizon.net

2.) WORKS:
Playing catch-up and rewriting, alas only AFTER each intrusion --

RewriteCond %{REMOTE_HOST} ^adsl-71-134-yyy-yyy\.first\.example\.pacbell\.net$
RewriteRule ^.*$ [private.com...] [R,L]

RewriteCond %{REMOTE_HOST} ^pool-71-105-yyy-yyy\.first\.example\.verizon\.net$
RewriteRule ^.*$ [private.com...] [R,L]

3.) DOESN'T WORK:
The server (Apache/1.3.22) does a reverse look-up (or some such; httpd.conf config) so when there's a valid HOST, the server does NOT block based on REMOTE_ADDR alone, regardless of where I put htaccess instructions. Thus these don't work (presuming I even did them correctly!) --

RewriteCond %{REMOTE_ADDR} ^71\.134\.$
## Troublemaker usually uses:
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*4322
RewriteCond %{REQUEST_URI} ^(.*)/perlscript(.*)$
RewriteRule ^.*$ [private.com...] [R,L]

RewriteCond %{REMOTE_ADDR} ^71\.105\.$
## Troublemaker usually uses:
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*98
RewriteCond %{REQUEST_URI} ^(.*)/perlscript(.*)$
RewriteRule ^.*$ [private.com...] [R,L]

4.) HELP, please?
is there any way to turn the examples in (1.) into workable, rewritable REMOTE_HOST ranges? (This Mac person found a few programs claiming to be able to help craft strings and such but they're PC-only.) Thanks in advance for any/all assistance! -Annie

[edited by: Pfui at 7:25 pm (utc) on April 30, 2007]

jdMorgan

7:56 pm on Apr 30, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The regular-expressions patterns are incorrectly end-anchored: 

RewriteCond %{REMOTE_ADDR} ^71\.134\.$

This will only match the exact IP address "71.134."
Since that is an invalid address --missing two octets and a third period-- it will never match anything

That may be the cause of your problem.

Be aware that you can combine variables in RewriteConds, and so collapse these to a single rule: 


RewriteCond %{REMOTE_ADDR}<>%{HTTP_USER_AGENT} ^71\.134\.[^<]+<>Mozilla.*4322 [OR]
RewriteCond %{REMOTE_ADDR}<>%{HTTP_USER_AGENT} ^71\.105\.[^<]+<>Mozilla.*98
RewriteRule perlscript http://www.example.com/redirected.html [R,L]

The "<>" string is meaningless; It is used only as a 'marker' to denote the end of the IP address and the beginning of the User-agent.

If fixing the IP address pattern by removing the end-anchor doesn't help, look into setting HostnameLookups off -- See Apache Core documentation.

Jim

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:24 pm May 2, 2026