1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 5:17 pm May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

[co]

for variety's sake

         

lucy24

1:50 am on Oct 13, 2012 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



This seems to work as intended, but I'd like assurance that it works because it's correct as opposed to just working because, er, it happens to work: 

RewriteCond %{HTTP_COOKIE} !cookiename=1
RewriteCond %{HTTP_REFERER} one-specific-page [OR]
RewriteCond %{REMOTE_ADDR} ^12\.34\. [OR]
RewriteCond %{HTTP_USER_AGENT} one-specific-UA
RewriteRule directory/page/(\w+\.html)?$ - [L,CO=cookiename:1:.example.com:43200]

RewriteCond %{HTTP_COOKIE} !cookiename=1
RewriteRule directory/page/(\w+\.html)?$ /boilerplate/sorry.html [L]


Intention: Low degree of privacy, not security. All pages in directory are flagged noindex. It would be very foolish to robot-out the directory, since bad robots would then know of its existence and make a beeline for it ;)

Accessible to people who:
have been there in the past month (60 x 24 x 30 = 43200)
OR arrive directly from one specific page
OR come from a particular IP range
OR, uhm, people who are me (UA exemption for one browser, UA spoofing isn't a concern).

Else:
rewrite (no 40x or 301) to error-type page which happens to be used only in this one situation, but I've worded it so it can be recycled for other analogous situations later

Have I got this right?

phranque

11:42 am on Oct 25, 2012 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month 




RewriteCond %{HTTP_COOKIE} !cookiename=1
...
RewriteRule directory/page/(\w+\.html)?$ - [L,CO=cookiename:1:.example.com:43200]

RewriteCond %{HTTP_COOKIE} !cookiename=1
RewriteRule directory/page/(\w+\.html)?$ /boilerplate/sorry.html [L]


maybe i'm just confused - when would that 2nd rule ever fire?

phranque

11:48 am on Oct 25, 2012 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



have been there in the past month (60 x 24 x 30 = 43200)
OR arrive directly from one specific page


actually i misread the code and it depends on whether your code or your description is correct.
with the [OR] specified as described the 2nd rule could never fire.

with the default [AND] as implemented it is possible.

lucy24

9:25 pm on Oct 25, 2012 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



condition1 = cookie is absent
!condition1 = cookie is present

So:

IF ((condition1) AND AT LEAST ONE OF (condition2 OR condition3 OR condition4)) THEN execute first rule, i.e. go to requested page and set cookie.

IF ((condition1) AND NONE OF (condition2 OR condition3 OR condition4)) THEN execute second rule, i.e. rewrite to apologetic page.

IF NOT (condition1) then neither rule applies; carry on to the requested page without changing cookie (though I should probably reset it to start the month running again)

The combination of ! with OR only works because each line is looking at a different factor: IP or referer or UA.

I've tested it on myself, and logs for "live" version confirm that it worked as intended. (Past tense because after a short time a spoilsport came along and deleted the link-- but it was interesting while it lasted, and the spoilsport's identity confirmed my underlying point.)
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 5:17 pm May 1, 2026