2009/5/12 Roman Medina-Heigl Hernandez <roman@xxxxxxxxxxx>:
> My final solution is:
>
> RewriteBase /stats
> RewriteCond %{REMOTE_USER}/<>$1 !^([^<]+)<>\1
> RewriteRule ^/clientes/(.*) /stats/%{REMOTE_USER}/stats/http/$1
>
> RewriteCond $1 !^[^/]+/stats/http/
> RewriteRule ^/clientes/(.*) hacking_attempt [F]
>
>
> The alternative (adding L) is:
>
> RewriteBase /stats
> RewriteCond %{REMOTE_USER}/<>$1 !^([^<]+)<>\1
> RewriteRule ^/clientes/(.*)
> /stats/%{REMOTE_USER}/stats/http/$1 [L]
>
> RewriteCond $1 !^[^/]+/stats/http/
> RewriteRule ^/clientes/(.*) hacking_attempt [F,L]
>
> But I see no real difference between both solutions. Am I right?
L makes only sense to abort something below, i.e. if there's nothing,
there's nothing to abort (F implies L btw., the substitution will be
dropped as well). Your second rule (forbidden) comes never true, if
the first rule matched. So you could stop further (useless) processing
with the L flag at your first rule.
Bob
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|