모두 거부, htaccess를 통해 하나의 IP 만 허용
모든 것을 거부하고 단일 IP 만 허용하려고합니다. 그러나 단일 IP에 대해 다음 htaccess를 사용하고 싶습니다. 둘 다 작동시키는 방법을 찾지 못했습니다. 모두 거부하고 하나만 허용하고 다음 옵션을 허용하십시오.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#Removes access to the system folder by users.
#Additionally this will allow you to create a System.php controller,
#previously this would not have been possible.
#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#When your application folder isn't in the system folder
#This snippet prevents user access to the application folder
#Submitted by: Fabdrol
#Rename 'application' to your applications folder name.
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
# Submitted by: ElliotHaughin
ErrorDocument 404 /index.php
</IfModule>
이 작업을 수행하는 방법이 있습니까?
order deny,allow
deny from all
allow from <your ip>
이 질문에 이미 대답이 있지만 Apache 설명서 에는 다음과 같이 나와 있습니다.
mod_access_compat에서 제공하는 Allow, Deny 및 Order 지시문은 더 이상 사용되지 않으며 향후 버전에서 제거 될 예정입니다. 그것들을 사용하지 말고 사용을 권장하는 오래된 튜토리얼을 피하십시오.
따라서 더 미래 지향적 인 답변은 다음과 같습니다.
<RequireAll>
Require ip xx.xx.xx.xx yy.yy.yy.yy
</RequireAll>
이 페이지가 "오래된 자습서"중 하나가되지 않도록 도와 주었기를 바랍니다. :)
해당 작업을 위해 설계된 지시문을 사용하여이를 개선 할 수 있습니다.
ErrorDocument 403 /specific_page.html
Order Allow,Deny
Allow from 111.222.333.444
Where 111.222.333.444 is your static IP address.
When using the "Order Allow,Deny" directive the requests must match either Allow or Deny, if neither is met, the request is denied.
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order
Slightly modified version of the above, including a custom page to be displayed to those who get denied access:
ErrorDocument 403 /specific_page.html
order deny,allow
deny from all
allow from 111.222.333.444
...and that way those requests not coming from 111.222.333.444 will see specific_page.html
(posting this as comment looked terrible because new lines get lost)
Improving a bit more the previous answers, a maintenance page can be shown to your users while you perform changes to the site:
ErrorDocument 403 /maintenance.html
Order Allow,Deny
Allow from #.#.#.#
Where:
#.#.#.#is your IP: What Is My IP Address?- For
maintenance.htmlthere is a nice example here: Simple Maintenance Page
You can use the following in htaccess to allow and deny access to your site :
SetEnvIf remote_addr ^1\.2\3\.4\.5$ allowedip=1
Order deny,allow
deny from all
allow from env=allowedip
We first set an env variable allowedip if the client ip address matches the pattern, if the pattern matches then env variable allowedip is assigned the value 1 .
In the next step, we use Allow,deny directives to allow and deny access to the site. Order deny,allow represents the order of deny and allow . deny from all this line tells the server to deny everyone. the last line allow from env=allowedip allows access to a single ip address we set the env variable for.
Replace 1\.2\.3\.4\.5 with your allowed ip address.
Refrences :
I wasn't able to use the 403 method because I wanted the maintenance page and page images in a sub folder on my server, so used the following approach to redirect to a 'maintenance page' for everyone but a single IP*
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !**.**.**.*
RewriteRule !^maintenance/ http://www.website.co.uk/maintenance/ [R=302,L]
Source: Creating a holding page to hide your WordPress blog
Just in addition to @David Brown´s answer, if you want to block an IP, you must first allow all then block the IPs as such:
<RequireAll>
Require all granted
Require not ip 10.0.0.0/255.0.0.0
Require not ip 172.16.0.0/12
Require not ip 192.168
</RequireAll>
First line allows all
Second line blocks from 10.0.0.0 to 10.255.255.255
Third line blocks from 172.16.0.0 to 172.31.255.255
Fourth line blocks from 192.168.0.0 to 192.168.255.255
You may use any of the notations mentioned above to suit you CIDR needs.
You can have more than one IP or even some other kind of allow like user, hostname, ... more info here https://www.askapache.com/htaccess/setenvif/
SetEnvIf remote_addr ^123.123.123.1$ allowedip=1
SetEnvIf remote_addr ^123.123.123.2$ allowedip=1
SetEnvIf remote_addr ^123.123.123.3$ allowedip=1
SetEnvIf remote_addr ^123.123.123.4$ allowedip=1
Order deny,allow
deny from all
allow from env=allowedip
If you want to use mod_rewrite for access control you can use condition like user agent, http referrer, remote addr etc.
Example
RewriteCond %{REMOTE_ADDR} !=*.*.*.* #you ip address
RewriteRule ^$ - [F]
Refrences:
Add the following command in .htaccess file. And place that file in your htdocs folder.
Order Deny,Allow
Deny from all
Allow from <your ip>
Allow from <another ip>
참고URL : https://stackoverflow.com/questions/4400154/deny-all-allow-only-one-ip-through-htaccess
'IT' 카테고리의 다른 글
| MySQL 8.0-클라이언트는 서버가 요청한 인증 프로토콜을 지원하지 않습니다. (0) | 2020.06.14 |
|---|---|
| Android Studio에서 벡터 자산의 채우기 색상 변경 (0) | 2020.06.14 |
| PostgreSQL 클라이언트 라이브러리를 찾을 수 없습니다 (libpq) (0) | 2020.06.14 |
| C ++에서 문자열에 int를 어떻게 추가합니까? (0) | 2020.06.14 |
| 이미지 크기를 비례 적으로 조정하고 종횡비를 유지하는 방법은 무엇입니까? (0) | 2020.06.14 |