On 8/23/06, Jignesh Badani <jbadani@xxxxxxxx> wrote:
Hello all, let me try again. I have the following restriction in place: SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in SetEnvIf COOKIE ^XSESSION let_xuser_in <Location /> Order Deny,Allow Deny from all Allow from env=let_10161_in Allow from env=let_xuser_in </Location> It basically means users whose X-FORWARDED-FOR contains 10.161 gets in. Also it allows users who have a Cookie "XSESSION" gets in. Now, how do I combine them such that only users with both the conditions set can get in or otherwise Deny access. Meaning, a user has to come from 10.161 and also needs to have a XSESSION cookie set inorder to get access. Can I form such an expression in SetEnvIf ? If so how ?
# This next line always matches SetEnvIf Remote_Addr . let_10161=0 SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in=1 SetEnvIf COOKIE ^XSESSION let_xuser_in SetEnvIf let_10161_in ^0$ !let_xuser_in Allow from env=let_xuser_in You can write it in a less obtuse way if you use mod_rewrite. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|