[users@httpd] lexicographical rewritecond

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I wanted to block a range of IPs. Since the documentation says if < 
or > precedes the CondPattern, then CondPattern is treated as a plain 
string and is compared lexicographically to TestString, I added the 
following to .htaccess:

RewriteCond %{REMOTE_ADDR} <208.66.195.16
RewriteCond %{REMOTE_ADDR} >208.66.195.
RewriteRule .* - [F,L]

This did block the intended range, but also blocked other IPs, 
including
128.152.20.33
139.18.13.198
207.46.98.89
207.46.98.89
207.46.98.89
24.4.158.217
65.55.213.10

These do not seem to be lexicographically in the specified range.

I am not asking how to the block the range -- I have found a couple 
of workable methods. I am seeking an explanation of the 
"lexicographical" comparison.

As an example that is easier to test, I also tried 

RewriteCond %{QUERY_STRING} <roaring.com
RewriteCond %{QUERY_STRING} >lion.com
RewriteRule .* - [F,L]

with http://example/?snake.com, giving the following in the rewrite 
log.

RewriteCond: input='snake.com' pattern='<roaring.com' => matched
RewriteCond: input='snake.com' pattern='>lion.com' => matched
forcing 'D:/example/' to be forbidden

-- 
s


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux