[英]Allow access in htaccess based on the HTTP:X-FORWARDED-FOR
Hi i should only allow the particular ip address(which is HTTP:X-FORWARDED-FOR adresses) to access the files. 嗨,我应该只允许特定的IP地址(HTTP:X-FORWARDED-FOR地址)访问文件。 I have done it by the following
我是通过以下方式完成的
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:X-FORWARDED-FOR} !^xxx.xxx.x.xx$
RewriteRule ^$ http://xxx.xxx.x.xx/access_denie.php [R=301,L]
Now i have to allow it for multiple ip for example yyy.yy.y.yy. 现在我必须允许它为多个ip,例如yyy.yy.y.yy。 How can i do it by using htaccess
我怎么能用htaccess做到这一点
The ^xxx.xxx.x.xx$
portion of your RewriteCond
is simply a regular expression. RewriteCond
的^xxx.xxx.x.xx$
部分只是一个正则表达式。 You can easily use groups to add more IP addresses: 您可以轻松使用组添加更多IP地址:
^(xxx\.xxx\.x\.xx|yyy\.yy\.y\.yy)$
You will notice I have escaped all the .
你会注意到我已经全部逃脱了
.
s with a backslash - this is because .
用反斜杠 - 这是因为
.
has a special meaning in a regular expression, and it needs to be escaped if you want it to match only a literal .
在正则表达式中具有特殊含义,如果您希望它只匹配文字,则需要对其进行转义
.
character. 字符。
So your new RewriteCond
will look like this: 所以你的新
RewriteCond
将如下所示:
RewriteCond %{HTTP:X-FORWARDED-FOR} !^(xxx\.xxx\.x\.xx|yyy\.yy\.y\.yy)$
You can easily add more IP addresses, simply separate them with |
您可以轻松添加更多IP地址,只需将它们与
|
分开即可 characters. 字符。
Please note, however, that this approach does not give you any real security. 但请注意,这种方法并不能为您提供任何真正的安全保障。 It would be easy to spoof a request to get past this.
欺骗一个请求来解决这个问题会很容易。 If you need security you should use SSL and a proper authentication system instead.
如果您需要安全性,则应使用SSL和适当的身份验证系统。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.