1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 10:06 am May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

SetEnvIfNoCase Remote_Host ~plus~ RewriteCond %{REMOTE_HOST}

Belt-and-suspenders blocking iffily consistent. Syntax prob?

         

Pfui

1:02 am on Mar 20, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Bottom Line:

Why does the REWRITING section, below, work all the time, whereas the BLOCKING section does not? I need to completely block a host in as few lines as possible.

Details, Details:

1.) BLOCKING:

Is there a way to effectively combine the two SetEnv statements into one that works? (Currently every SetEnv entry I have is twinned and I need to pare down .htaccess. Again.)

Alternatively, because SetEnv is unpredictably unreliable for me...

2.) REWRITING:

Is there any way to effectively combine the super-long "upc-a" through "upc-z" statements? That list takes up a lot of .htaccess real estate but when I tried to cut to the chase with SetEnv, the troublemakers breezed in again.

3.) "httpd.conf":

Grasping at straws here... Could the following Apache 1.3.x config be implicated in inconsistent SetEnv? (E.g., Does the last line need to be commented out? Or other lines uncommented?)

#
# Controls who can get stuff from this server.
#
# Order allow,deny
# Allow from all
</Directory>

Thanks in advance for your assistance!

.
##
## BLOCKING: Does NOT block example.com
##
order allow,deny
SetEnvIfNoCase Remote_Host "^.example.com$" keep_out
SetEnvIfNoCase Remote_Host "^.example.com" keep_out
<Files *>
Deny from env=keep_out
</Files>
allow from all
deny from env=keep_out

##
## REWRITING: Blocks example.com
##
RewriteCond %{REMOTE_HOST} ^[^.]+\.[^.]+\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-a\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-b\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-c\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-d\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-e\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-f\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-g\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-h\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-i\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-j\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-k\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-l\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-m\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-n\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-o\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-p\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-q\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-r\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-s\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-t\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-u\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-v\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-w\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-x\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-y\.example\.com$ [OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-z\.example\.com$
RewriteRule ^.*$ - [F]

##

Key_Master

2:14 am on Mar 20, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



What exactly do you want to allow or disallow? There are inconsistencies in what you are asking for and the code you have posted.

# Blocks example.com, doesn't block subdomain.example.com
SetEnvIfNoCase Remote_Host ^example\.com$ keep_out

<Files *>
order allow,deny
allow from all
deny from env=keep_out
</Files>

Your rewrite code doesn't block example.com. It only blocks subdomain.subdomain.example.com
or subdomain.upc-[a-z].example.com

# Simplified code.
RewriteCond %{REMOTE_HOST} ^[^.]+\.[^.]+\.example\.com$ [NC,OR]
RewriteCond %{REMOTE_HOST} ^[^.]+\.upc-[a-z]\.example\.com$ [NC]
RewriteRule .* - [F]

Pfui

4:49 am on Mar 20, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Thank you for the tackling the mess I presented!

I hope to redirect all of example.com (a major and ongoing source of troublemaking visitors) in as few lines as possible. Alas, various permutations of my usual mod_rewrite coding didn't work.

For example, here are examples of their 'standard' host name format:

a72239.upc-a.example.com
a48112.upc-a.example.com
g195103.upc-g.example.com
h60029.upc-h.example.com
h115180.upc-h.example.com
j194007.upc-j.example.com

But for some reason (please note that mod_rewrite is not my forte!), the following wasn't effective on its own:

RewriteCond %{REMOTE_HOST} ^[^.]+\.example\.com$

Neither was this next attempt, even though similar code works for other hosts with multiple, changing, um, prefixes:

RewriteCond %{REMOTE_HOST} ^[^.]+\.[^.]+\.example\.com$

So I ended up basically enumerating ever single server I could identify. Sort of like putting 27 locks on one front door -- yeah, it looks weird. But it works:)

Apres your post, I look forward to correcting the <Files *> code, condensing the SetEnv, and also reducing that server list into the wonderfully pithy upc-[a-z]. No news will mean good news (crosses fingers) so again, thanks!

Key_Master

5:04 am on Mar 20, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Well, if you want to block all visitors from anysubdomain.example.com, all you need is the following code.

RewriteCond %{REMOTE_HOST} \.example\.com$ [NC]
RewriteRule .* - [F]

No need for the set_env/files directives.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 10:06 am May 2, 2026