Blocking visitors by x-forwarded-for with Apache mod_rewrite

最新推荐文章于 2018-06-27 14:56:23 发布

JJ___JJ

最新推荐文章于 2018-06-27 14:56:23 发布

阅读量941

点赞数 1

分类专栏： linux

linux 专栏收录该内容

9 篇文章 0 订阅

订阅专栏

Sometimes site visitors or misbehaving crawlers need to be blocked based on their IP address. When using an Amazon load-balancer with Amazon EC2 instances, the ip address of the original client is available in the X-Forwarded-For http header.

To block a single IP, add the following to the root .htaccess file or in the VirtualHost section of apache.conf:

RewriteCond %{HTTP:X-FORWARDED-FOR} ^71.41.12.214$
RewriteRule .* - [F]

To block multiple IPs, use

RewriteCond %{HTTP:X-FORWARDED-FOR} ^71.41.12.214$

RewriteRule .* - [F]

RewriteCond %{HTTP:X-FORWARDED-FOR} ^71.42.11.63$
RewriteRule .* - [F]

And to block a range, use a regexp or an incomplete ip. Be careful here, the string is compared literally to the ip, so blocking 71.41.12.1 will block string matching ips 71.41.12.1, 71.41.12.10, 71.41.12.112. To block just 71.41.12.1, use ^71.41.12.1$