combine redirect Rewrite rule and .htacess Auth?

Forum Moderators: phranque

Message Too Old, No Replies

combine redirect Rewrite rule and .htacess Auth?

jexx

10:02 pm on Feb 22, 2006 (gmt 0)

I want to authorize access to a certain domain, for dev purposes, for some specific domains and IPs using deny,allow in .htaccess.
however, the domain *does* receive some redirect (301) traffic to a different site, so I want to be able to redirect unauthorized users instead of serving 403 and authorize access for the allowed domains.
i assume(?) that you need to set and env. variable and deny from all except for those that match the redirect condition. is this possible?

this is the current htaccess snippet:

RewriteEngine on

RewriteCond %{HTTP_HOST} (.*)\.other-domain\.com
RewriteRule (.*) [main-domain.com...] [R=301]

order deny,allow
allow from .office-domain.com
deny from all

...

obviously the deny from all prevent the redirect from ever happening, so i am wondering if it is possible to exclude those coming to the other-domain.com from this condition?

jdMorgan

5:36 am on Feb 23, 2006 (gmt 0)

If I understand that problem, then you can combine it like this:


RewriteEngine on
#
# redirect all requests for otherdomain to maindoamin
RewriteCond %{HTTP_HOST} \.other-domain\.com
RewriteRule (.*) http://www.main-domain.com/$1 [R=301,L]
#
# Deny all other access except for office-domain
RewriteCond %{REMOTE_HOST} !\.office-domain\.com
RewriteRule .* - [F]

It's not clear how your authentication enters into this. If you are using mod_auth. then you'll probably need a combination of mod_setenvif, mod_auth, and mod_access, possibly combined with the Apache core "satisfy" directive.

Jim