If this code is in .htaccess, remove the leading slash from the RewriteRule pattern.

Jim

Jim,

This is in httpd.conf.

is there any other pattern that i can use to achieve the same

Thanks

I'm assuming that you have other working mod_rewrite rules already, establishing that mod_rewrite is configured and working on this server. Also, I assume that you've restarted your server after adding the code, and have flushed your browser cache prior to testing any changes.

I'd suggest the following tweak to the code, but I don't see anything really wrong:

RewriteEngine on
RewriteCond %{HTTP_COOKIE} !MYCOOKIE
RewriteRule ^/myhome/content/ - [F]

The trailing (.*)$ on your pattern was redundant, as leaving the pattern unanchored does the same thing, and no back-reference is needed.

If that doesn't work, try a temporary 'test' redirect, so that you'll be able to see the cookie value that Apache is seeing:

RewriteEngine on
RewriteRule ^/myhome/content/testcookie.html http://www.example.com/?cookie_value=%{HTTP_COOKIE} [R=302,L]

This just does a temporary redirect, appending the cookie value to your index page's URL, so that you'll be able to see the cookie value in your browser address bar. Just point the redirect to any page (home page shown in example) that won't get upset by having that query string appended; If necessary, create a simple 'hello world' html page to do this test.

Jim

Jim,

Thanks again!

But its very strange that the same code works on Apache 2.0.X but not in 1.3

has anybody seen this kind of discrepencies across different versions of Apache?

Thanks

I do know that you cannot *set* a cookie using mod_rewrite on Apache 1.x -- That functionality was added to mod_rewrite released with Apache 2.0. There are often differences --generally documented at the directive level-- between versions, and between sub-versions.

I'm not sure about Apache version differences in *checking* cookies, though -- I haven't done it myself, which is why my answers were general. Apache was in existence before cookies were invented, so check your specific 1.x version, and the release notes for several versions 'on either side' of it.

Jim

Thanks Jim, That makes sense.

now going back to my rule, I am trying to allow only the JPG files to be accessible even though the Cookie doesn't exist/match but it should restrict all other contents.

So I modified my code in this way

#########
RewriteEngine on
RewriteCond %{HTTP_COOKIE}!MYCOOKIE
RewriteRule ^/myhome/content/.*\.jpg$ - [R=301,L]
RewriteRule ^/myhome/content/(.*)$ - [F]
########

This is working partially, means it is doing exactly what i need when the Cookie doesn't match
but it also forbidding the access to /myhome/content/... when the Cookie exists/matches

Or do you think i should write two separte conditions and rules like this

#########
RewriteEngine on
RewriteCond %{HTTP_COOKIE}!MYCOOKIE
RewriteRule ^/myhome/content/.*\.jpg$ - [R=301,L]

RewriteCond %{HTTP_COOKIE} MYCOOKIE
RewriteRule ^/myhome/content/(.*)$ - [R=301,L]
########

Appreciate your help in this regard.

Thanks Again

Two points:

1) RewriteConds apply only to the single rule that follows them.
2) Both cases in your code would have created an infinite redirect loop, since they redirected to the same URL as was requested.

A slight rearrangement and tweak of the code might help:

RewriteEngine on
#
# If incorrect or missing cookie, block all except .jpg requests with 403-Forbidden response
RewriteCond %{REQUEST_URI} !\.jpg$
RewriteCond %{HTTP_COOKIE} !MYCOOKIE
RewriteRule ^/myhome/content/ - [F]

Jim