Forum Moderators: phranque
I was wondering if somebody could check my logic on the rewritecond's below. I have no way to test this apart from getting an email from the hosting company saying that they are about to suspend my account for high usage.
The code is:
# stop requests with no UA or referrer
RewriteCond %{HTTP_REFERER} ^$
Rewritecond %{HTTP_USER_AGENT} ^$
RewriteCond %{REMOTE_ADDR} !^1\.1\.1\.1$ [OR]
RewriteCond %{REMOTE_ADDR} !^2\.2\.2\.2$
RewriteRule ^(.*) - [F]
This should block access to clients with no referrer and no user agent except where the ip address is 1.1.1.1 or 2.2.2.2.
I experimented with this a while back, but got into a little trouble because a wordpress cron job made a connection without UA or REF, got forbidden and tried again after 30s. Several hours later I was suspended for high number of requests to the file and taking cpu resources. I found a site with some tips and they add one IP address, but I have two I need to allow from.
Would the above code function correctly?
<snip>
Thanks in advance
Tim
[edited by: jdMorgan at 8:26 pm (utc) on July 13, 2008]
[edit reason] No URLs, please. See Terms of Service. [/edit]
If you think about it, the address will always be (NOT 1.1.1.1) OR (NOT 2.2.2.2) even if the address is equal to one of those, because it will NOT be also equal to the other at the same time.
You don't need the start anchor or parentheses in the RewriteRule either, since you are not using a back-reference:
# stop requests with no UA or referrer
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteCond %{REMOTE_ADDR} !^1\.1\.1\.1$
RewriteCond %{REMOTE_ADDR} !^2\.2\.2\.2$
RewriteRule .* - [F]
Jim
When you write it like you did I can see how OR was a bad choice. I will put this on my server a lot happier now!
Thanks again
Tim
