For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

stolivar_88319's avatar
stolivar_88319
Icon for Nimbostratus rankNimbostratus
Feb 11, 2009

.htaccess no longer denying pages to non specified IP addresses

Seems i have ran into another problem. Websites that have .htaccess files in directories that restrict viewing a page if you don't match an IP isn't working anymore.     my .htaccess look...
config
design
stolivar_88319's avatar
stolivar_88319
Icon for Nimbostratus rankNimbostratus
Feb 24, 2009
also tried this in

 

RewriteEngine on

 

RewriteCond %{HTTP:X-Forwarded-For} "!^(10\.[0-9]{1,3}|192\.[0-9]{1,3}|169\.147})\.[0-9]{1,3}\.[0-9]{1,3}$"

 

RewriteRule .* - [F]

 

 

RewriteCond %{HTTP:Authorization} !^$

 

RewriteCond %{QUERY_STRING} ^$

 

RewriteRule ^index\.html$ index.html_%{HTTP:Authorization}

 

RewriteRule ^([^_]*)_([^B|b]*)Basic.?([A-Za-z0-9]*) /index.html [L,QSA,R,NC]

 

RewriteCond %{ENV:REDIRECT_STATUS} 200

 

RewriteRule ^.*$ - [L]

 

order deny,allow

 

deny from all

 

AuthType Basic

 

AuthUserFile /pulse-root/shawn/.htpasswd

 

AuthName "Directory Protected"

 

Require valid-user

 

Satisfy any

 

AddType text/html .html .htm

 

AddHandler server-parsed .html .ht

 

 

 

trying the different conditions and rules commentting them out as I went. nothing helped