SetEnvIf and exceptions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I have an apache-2.4.56 install on fedora37 and trying to block some bots from accessing the site, unless they're trying to access our RSS feeds. How can I do this?

I'm blocking the bots with SetEnvIF lines in the .htacess file in the document root like:

    SetEnvIf user-agent "(?i:libwww)" stayout=1
    deny from env=stayout
    <RequireAll>
       Require all granted
       Require not env stayout
    </RequireAll>

However, creating an entry that explicitly allows access to the XML files before or after doesn't seem to take effect:

    RewriteRule linuxsecurity_features\.xml$ - [L]

It is still blocked by the user-agent setting above. I understood the file was processed from the top down, and when a match is made, it stops processing. Is that not the case? Shouldn't the RewriteRule above, if placed before the env rule, be enough to stop processing the htaccess file and allow access?

I've also tried adding these RewriteRule entries to the server config htaccess with an Include, but it appears the .htaccess in the document root is always processed afterwards, even after finding match in the server config htaccess.

Thanks,
Dave






[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux