For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

stolivar_88319's avatar
stolivar_88319
Icon for Nimbostratus rankNimbostratus
17 years ago

.htaccess no longer denying pages to non specified IP addresses

Seems i have ran into another problem. Websites that have .htaccess files in directories that restrict viewing a page if you don't match an IP isn't working anymore.     my .htaccess look...
config
design
dennypayne's avatar
dennypayne
Icon for Employee rankEmployee
17 years ago
Hmmm...so I'm guessing if you disallow the specific 10.x.x.x SNAT address then legitimate customers would also get denied.

I suppose you could use an iRule to SNAT clients from 169.147.x.x and 10.x.x.x to an allowed 10. address, and everyone else to a different address that was denied in .htaccess.

Something like this: (not syntax checked) 

 
 when CLIENT_ACCEPTED { 
    if { [IP::addr [IP::client_addr]/8 equals 10.0.0.0 ] || [IP::addr [IP::client_addr]/16 equals 169.147.0.0 ] } { 
        snat to allowed address 
        snat 10.x.x.A 
       } else { 
        snat to denied address 
        snat 10.x.x.B 
   } 
 }

Denny