apache - Redirect a range of IPs using RewriteCond

Question

asked Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

Currently I am redirecting all users except for the IP 12.345.678.90 using:

RewriteEngine On
RewriteCond %{REQUEST_URI} !/maintenance$
RewriteCond %{REMOTE_HOST} !^12.345.678.90
RewriteRule $ /maintenance [R=302,L]

What syntax would I use to allow a range? In my Allow list I have:

Allow from 123.45.678.90/28

Would it work if I just update the REMOTE_HOST line to:

RewriteCond %{REMOTE_HOST} !^12.345.678.90/28

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-10-23T17:46:40+0000

If you're using Apache HTTPD 2.4 or later, you can use expressions to match REMOTE_ADDR against a CIDR mask.

The short form looks like this:

RewriteCond expr "-R '192.168.1.0/24'"

The following longer form is also available, but the documentation suggests it is less efficient:

RewriteCond expr "%{REMOTE_ADDR} -ipmatch '192.168.1.0/24'"

That makes the full solution to your example something like this:

RewriteEngine On
RewriteCond %{REQUEST_URI} !/maintenance$
RewriteCond expr "! -R '12.345.678.90/28'"
RewriteRule $ /maintenance [R=302,L]