htaccess redirecting specific IP address

trying to redirect specific ip addresses

         

Pitviper

7:06 pm on Nov 7, 2009 (gmt 0)

10+ Year Member



Hello,

I have an .htaccess file that blocks specific IP addresses and it works. Currently it is simply:

order allow,deny
deny from 12.xyz.208
deny from 209.xyz.182
allow from all

I am trying to add to it to send a specific IP address (different than above) to another page on my site, at which point they will get a message and then a meta tag in that other page redirects them to another site altogether. The meta tag on the other page works but I cannot get my .htaccess file to work. I simply added the following lines to the ones above, used my own address so I could test it, and I can still access my website and do not get redirected. Any idea what I am doing wrong? (please know I'm a total idiot and have no idea what I am doing). These are the lines I am adding to the above existing .htaccess file.

RewriteCond %{REMOTE_ADDR} ^65\.xyz\.127\.207$
RewriteRule .* http://www.example.com/goodbye.html [R,L]

Thanks a lot,

Jennifer

[edited by: jdMorgan at 12:13 am (utc) on Nov. 8, 2009]
[edit reason] obscured IP address, domain [/edit]

wilderness

8:04 pm on Nov 7, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



What's happening is a time-out loop, the request keeps re-fetching goodbye.html and the redirect keeps redirecting.

1) You didn't provide what your intent is with this redirect?
a) If your intent is devious (a challenge to the redirected visitor) it will cause you more trouble than it's worth, and especially when a 403 is the most effective prevention.
2) Focusing on a singular IP, rather than an IP range, is IMO a bad practice and will merely return to bite you in the backside.
3) Focusing on IP ALONE may trap some innocents which you did not desire to redirect. As a result, I would suggest focusing on both IP and UA, or at least some portion of the UA in a multiple condition RewriteCond.

#Please note; your host or webserver may require or exclude specific lines which may or may not be used in your htaccess.
#.
# Turn on Rewrite unless previously turned on.
RewriteEngine on
#.
RewriteCond %{REMOTE_ADDR} ^65\.xyz\.127\.207$
RewriteCond %{REQUEST_URI} !^/goodbye\.html$
RewriteRule .* http://www.example.com/goodbye.html [L]

[edited by: jdMorgan at 12:12 am (utc) on Nov. 8, 2009]
[edit reason] Obscured IP address [/edit]

Pitviper

10:11 pm on Nov 7, 2009 (gmt 0)

10+ Year Member



Hi there...

I have an internet stalker who has been hitting my website continuously. That is one of the banned IP addresses in my original htaccess file. The IP I am currently trying to redirect is also a snoop (friend of the banned IP) so I was trying to get a point across rather than just ban them outright also. My intent is to direct this particular person to my "goodbye" page that essentially says "hello, say hi to the witch for me, good bye" and then redirects them to another site.

I would like to be able to ban a range, how would I do that? The IP given in my example was mine, btw, I was using it to test.

What does the # mean? Is it like a comment that isn't actually a command? Should all of that be included in the file?

Sorry for all the questions, I'm so new to any of this, and thank you so much for your help.

Jennifer

g1smd

10:59 pm on Nov 7, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



If you redirect 'all' traffic to a new URL, make sure that the new URL does not also match the 'all traffic' rule or else the user sees an infinite loop. Use an extra RewriteCond with a negative match.

Be aware the R without a number gives a 302 redirect.

jdMorgan

12:45 am on Nov 8, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Lines starting with "#" are comments.

If you want to ban a range, please tell us what it is, but specifying at least one fixed part as "xyz" -- We do not post 'live' IP addresses or domains here, for everyone's benefit.

Some advice: Don't 'play cute' with unwelcome guests. Doing so only motivates them to put more effort into by-passing your access controls. Or worse, it makes whatever problem you have with them more 'personal.'

In addition, knowledge is power; Don't give any power to your enemies.

That said, your best bet is either to rewrite their requests to a page that looks 'real' but doesn't actually do anything, or to simply return a 403-Forbidden response, with no additional information. The former approach is popular with several bulletin boards which support that function; Unwelcome forum members' posts are only visible to themselves, so they soon get tired of being ignored and go away. However, implementing this function by yourself is likely more work than it is worth, so a simple 403 may be best.

Jim

Pitviper

1:16 am on Nov 8, 2009 (gmt 0)

10+ Year Member



Ah, I didn't even think of that. About the IP addresses, I'm sorry. The one I want to ban would look like this: 65.93.xyz.250. I know when I banned the other 2 IP addresses I simply left off the last 3 numbers so it would ban anything that matched the first set of numbers, as this is how it was explained to me, is that correct?

I understand about "playing cute". I was hoping to get the point across that I will block or ban anyone who is simply snooping. I have a low tolerance for bs and this person and her friends are overly nosy about my business (I breed and show dogs as a hobby, it is an upcoming litter they are snooping for news on). From what you have said though I could make a couple of dummy pages that would provide them no information while actual wanted visitors would see the real pages. I have no trouble writing simple html pages, it is the script and code type stuff that I am useless at. I have made my website myself so far, it's very basic.

Thank you for the advice and the help, it is greatly appreciated.

jdMorgan

3:51 pm on Nov 8, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You stated that you wanted to ban a range of addresses, and the regex for matching ranges is complex as compared to matching single addresses. So a good 'real-world' example would have been easier for you to figure out (and modify if necessary), and would have saved some typing on this end... But here's a 'generic example' which may or may not be close to what you need:

"^192\.168\.0\.1$" or "=192.168.0.1" means match exactly "192.168.0.1"

"^192\.168\.0\." match anything starting with "192.168.0." - that is, match 192.168.0.0 through 192.168.0.255

"^192\.168\.0\.(12[89]¦1[3-9][0-9]¦2[0-9]{2})$" match 192.168.0.128 through 192.168.0.299 (but in practice, match 192.168.0.128 through 192.168.0.255 since 255 is the highest possible number in any one IP octet/digit group).

You could also write that pattern as "^192\.168\.0\.(12[89]¦1[3-9][0-9]¦2[0-4][0-9]¦25[0-5])$" to be much more precise, but it's rather a waste of time and effort (both for you and for your server's CPU).

If you happen to be lucky enough to have the range that you want to match fall on "natural" single-digit-character boundaries, then something like ^192\.168\.0\.5[3-8]$ would match 192.168.0.53 through 192.168.0.58

Two things to note:

First, you must replace the broken pipe "¦" characters with solid pipes before use; Posting on this forum modifies the pipe characters.

Second, always keep in mind that regular-expressions patterns match characters and character-strings; Regex has no idea that these are numbers, and matches only based on the characters. Therefore, you can't just write "^192.168.0.127-255$" or "^192.168.0.[127-255]$" because regex would have to understand those strings as "numerical," which it does not. As a result, your "numbers" must be broken down into character ranges as shown in the above examples.

If these examples aren't clear (concepts such as pattern-anchoring and character-escaping aren't discussed in the examples above), then take a look at the regular-expressions tutorial cited in our Apache Forum Charter. Understanding regular-expressions is key to the successful and safe use of mod_rewrite, and comes in very handy with almost all modern high-level programming and scripting languages as well. It's well worth the investment of time to understand them.

Jim
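
An added example, not part of the original thread: a Python sketch that builds the last-octet alternation described in the post above for any range, and checks a pattern against all 256 possible last octets. The function names are made up for illustration, and Python's regex engine stands in for the one Apache uses.

```python
import re

def octet_range_regex(lo, hi):
    """Alternation matching the decimal strings lo..hi, with 0 <= lo <= hi <= 255."""
    if not 0 <= lo <= hi <= 255:
        raise ValueError("need 0 <= lo <= hi <= 255")
    parts = []
    while lo <= hi:
        width = len(str(lo))
        top = min(hi, 10 ** width - 1)        # never mix 2- and 3-digit numbers
        step = 1                              # size of the trailing [0-9] block
        while (step * 10 < 10 ** width and lo % (step * 10) == 0
               and lo + step * 10 - 1 <= top):
            step *= 10
        d = (lo // step) % 10                 # varying digit: first value
        e = min(9, d + (top - lo + 1) // step - 1)  # varying digit: last value
        lead = str(lo // (step * 10)) if lo >= step * 10 else ""
        digit = str(d) if d == e else f"[{d}-{e}]"
        parts.append(lead + digit + "[0-9]" * (len(str(step)) - 1))
        lo += (e - d + 1) * step
    return "(" + "|".join(parts) + ")"

def ip_range_pattern(prefix, lo, hi):
    """Anchored pattern for prefix + last octet in lo..hi; dots are escaped."""
    return "^" + re.escape(prefix) + octet_range_regex(lo, hi) + "$"

def last_octets_matched(pattern, prefix="192.168.0."):
    """Valid last octets (0-255) the pattern accepts; None if it does not compile."""
    try:
        rx = re.compile(pattern)
    except re.error:
        return None
    return [n for n in range(256) if rx.search(prefix + str(n))]

if __name__ == "__main__":
    # Patterns from the post, with the broken pipes replaced by solid ones.
    loose = r"^192\.168\.0\.(12[89]|1[3-9][0-9]|2[0-9]{2})$"
    print(ip_range_pattern("192.168.0.", 128, 255))
    print(last_octets_matched(loose) == list(range(128, 256)))
    # The "numeric" class: characters 1, 2, 5 plus the reversed range 7-2.
    print(last_octets_matched(r"^192.168.0.[127-255]$"))
```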