允许基于HTTP:X-FORWARDED-FOR在htaccess中访问
[英]Allow access in htaccess based on the HTTP:X-FORWARDED-FOR
问题描述
Hi i should only allow the particular ip address(which is HTTP:X-FORWARDED-FOR adresses) to access the files. 
嗨,我应该只允许特定的IP地址(HTTP:X-FORWARDED-FOR地址)访问文件。 I have done it by the following 我是通过以下方式完成的
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:X-FORWARDED-FOR} !^xxx.xxx.x.xx$
RewriteRule ^$ http://xxx.xxx.x.xx/access_denie.php [R=301,L]
Now i have to allow it for multiple ip for example yyy.yy.y.yy. 现在我必须允许它为多个ip,例如yyy.yy.y.yy。 How can i do it by using htaccess 我怎么能用htaccess做到这一点
1 个解决方案
解决方案1
8 已采纳 2012-12-18 12:02:19
The ^xxx.xxx.x.xx$ portion of your RewriteCond is simply a regular expression. RewriteCond的^xxx.xxx.x.xx$部分只是一个正则表达式。 You can easily use groups to add more IP addresses: 您可以轻松使用组添加更多IP地址:
^(xxx\.xxx\.x\.xx|yyy\.yy\.y\.yy)$
You will notice I have escaped all the . 你会注意到我已经全部逃脱了. s with a backslash - this is because . 用反斜杠 - 这是因为. has a special meaning in a regular expression, and it needs to be escaped if you want it to match only a literal . 在正则表达式中具有特殊含义,如果您希望它只匹配文字,则需要对其进行转义. character. 字符。
So your new RewriteCond will look like this: 所以你的新RewriteCond将如下所示:
RewriteCond %{HTTP:X-FORWARDED-FOR} !^(xxx\.xxx\.x\.xx|yyy\.yy\.y\.yy)$
You can easily add more IP addresses, simply separate them with | 您可以轻松添加更多IP地址,只需将它们与|分开即可 characters. 字符。
Please note, however, that this approach does not give you any real security. 但请注意,这种方法并不能为您提供任何真正的安全保障。 It would be easy to spoof a request to get past this. 欺骗一个请求来解决这个问题会很容易。 If you need security you should use SSL and a proper authentication system instead. 如果您需要安全性,则应使用SSL和适当的身份验证系统。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.