Re: [users@httpd] Is this possible ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Awesome, just trying to understand the syntax of the last SetEnvIf:

SetEnvIf let_10161_in ^0$ !let_xuser_in

--> If the env variable let_10161_in is "0" - meaning the request is not 
from 10.161, unset (make it 0?) the let_xuser_in env variable ? 

And mod_rewrite for this, how ?

Thanks
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - 
Jignesh Badani





"Joshua Slive" <joshua@xxxxxxxx> 
Sent by: jslive@xxxxxxxxx
08/23/2006 05:10 PM
Please respond to
users@xxxxxxxxxxxxxxxx


To
users@xxxxxxxxxxxxxxxx
cc

Subject
Re: [users@httpd] Is this possible ?






On 8/23/06, Jignesh Badani <jbadani@xxxxxxxx> wrote:
> Hello all, let me try again.
>
> I have the following restriction in place:
>
> SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in
> SetEnvIf COOKIE ^XSESSION let_xuser_in
>
> <Location />
> Order Deny,Allow
> Deny from all
> Allow from env=let_10161_in
> Allow from env=let_xuser_in
> </Location>
>
> It basically means users whose X-FORWARDED-FOR contains 10.161 gets in.
> Also it allows users who have a Cookie "XSESSION" gets in.
>
> Now, how do I combine them such that only users with both the conditions
> set can get in or otherwise Deny access.
>
> Meaning, a user has to come from 10.161 and also needs to have a 
XSESSION
> cookie set inorder to get access.
>
> Can I form such an expression in SetEnvIf ? If so how ?

# This next line always matches
SetEnvIf Remote_Addr . let_10161=0
SetEnvIf X-FORWARDED-FOR ^10.161 let_10161_in=1
SetEnvIf COOKIE ^XSESSION let_xuser_in
SetEnvIf let_10161_in ^0$ !let_xuser_in

Allow from env=let_xuser_in

You can write it in a less obtuse way if you use mod_rewrite.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux