SOHO : Small Office Home Office
Freeware - Opensource software tips, tricks, tweaks & fixes for managing, securing, improving the performance of SOHO Desktop, Laptop, Networks

Wednesday, May 26, 2010

Cloning Harddisks with linux

To make a full hard disk image in linux we will use several small programs and a livecd. Next to this we need a place to store the image (external hard disk?). Which livecd you use is not that important. Just make sure that you access the place where you want to store the image and that you have access to gzip, dd and swapoff (if there is a swap partition). So let us see the steps to take: Boot into the livecd Make sure you can access the place where you want to store the image (1) Disable the swap partition on the hard disk you want to image (2) Start the image-making process Check if the image is stored on the requested locations without errors So let us see which commands we have to use to perform actions (1) and (2): (1)# sudo swapoff -a (2)# sudo dd if=/dev/hd_ | gzip > /mnt/hd__/image_name.dd.gz Restoring the image is as easy as making it. Let us see these steps as well Boot into the livecd Make sure you can access the place where your image is stored (3) Disable the swap partition on the hard disk you want to image (4) Start the image-restoring process Check if the image is restored on the requested location without errors So let us see which commands we have to use to perform actions (3) and (4): (3)# sudo swapoff -a (4)# sudo gzip -dc /mnt/hd__/image_name.dd.gz | dd of=/dev/hd_ That is it. I hope it is/was helpful.
Continue Reading...

Monday, May 17, 2010

.htaccess 301 redirects for ip ranges

The article published here is requested to be removed, the credit goes to the author @
http://munkyonline.co.uk/blog/htaccess-301-redirects-ip-ranges 
Continue Reading...

How to redirect a specific ip request to a specific page?

All the request to block page for the clients network with static ip is redirected to custom block page

The easy and faster way is at the server level i.,e using .htaccess

Source : http://perishablepress.com/press/2007/07/23/permanently-redirect-a-specific-ip-request-for-a-single-page-via-htaccess/

Disclaimer : I have copied and pasted the whole page here for my personal reference, the credit goes to the author at perishablepress.com.


Not the most interesting title, but “oh well”..

Recently, a reader named Alison left a comment requesting help with a particular htaccess trick. She wanted to know how to permanently redirect (301) all requests for a specific page when requested from a specific IP address. In other words, when a visitor coming from 123.456.789requests the page requested-page.html, the visitor will be redirected to just-for-you.html. All visitors not coming from that specific IP address are not redirected, and thus will see the originally requested page. Further, the redirect must apply only to requested-page.html, such that every visitor — including the one coming from 123.456.789 — will be able to see all of the other pages. Here is the htaccess code to make it happen:
# permanently redirect specific IP request for single page
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} 123\.456\.789
RewriteCond %{REQUEST_URI} /requested-page\.html$
RewriteRule .* /just-for-you.html [R=301,L]
To use this redirect, simply edit the IP address, requested page, and redirect page. Copy and paste the code into your htaccess file and upload to your server. Test the 301 redirect via proxy and that’s it. Relax and enjoy!
82 Responses
[ Gravatar Icon ]
Shouldn’t that last line be:
RewriteRule .* /just-for-you.html [R=301,L]
302 is a temporary re-direct. 301 is permanent.
[ Gravatar Icon ]
Man, today is just not my day!
Anyway, you are absolutely correct..
I meant 301, said 301, and have no idea why I wrote 302 in the code (could be all the pain meds?).. either way, thank you for catching the error. The code now reads correctly (i think)..
[ Gravatar Icon ]
Snook#3
Hey dude this is great, but if I wanted to block an IP range, say:
214.53.25.64 - 214.53.25.128
how would it be written?
[ Gravatar Icon ]
Snook,
There are several ways to block a specific IP range.
The first utilizes a CIDR number to block the specified range (via htaccess):
# block IP range by CIDR number

 order allow,deny
 allow from all
 deny from 214.53.25.64/26
The second method is similar, only here we are expressing the range in netmask notation, using corresponding network/netmask values:
# block an IP range via network/netmask values

 order allow,deny
 allow from all
 deny from 214.53.25.64/255.255.255.192
The third method tests all IP addresses against a predefined regular expression via RewriteCond/RewriteRule directives:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^214\.53\.25\.(6[4-9]|7[0-9]|8[0-9]|9[0-9])$ [OR]
RewriteCond %{REMOTE_ADDR} ^214\.53\.25\.1([0-1][0-9]|2[0-8])$
RewriteRule .* - [F]
There is probably a more efficient way to write the regular expressions in the previous example, but that should definitely get the job done.
[ Gravatar Icon ]
A great little article Jeff; some people these days still try and use metas on occasion to generate redirects by htaccess is truely the way i should be done!
[ Gravatar Icon ]
I agree completely, Mike — handling redirects as close to the server as possible is definitely the way to go!
[ Gravatar Icon ]
um… ip cloaking via .htaccess ?
[ Gravatar Icon ]
Ah, good point there, Tony. Thanks.
[ Gravatar Icon ]
I wasn’t thinking about it until people start to ask how to do it for specific IPs, Can probably use this to send SE ip to a page and regular ip to another page, maybe further divide the regular ip into region for geo targetted cloaking.
Pretty good info here and a lot of room to think about… thanks
[ Gravatar Icon ]
This post has just made my day! I was looking all over to find this piece of code.
I have a questions though. Do I have to rewrite the “RewriteEngine On” and “RewriteBase /” everytime I want to block a different IP?
[ Gravatar Icon ]
Thank you for the kind remarks, Lisa :) And, no, you do not need to rewrite the first two directives for each different IP that you would like to block. For example, this will work just fine for multiple IPs:
# permanently redirect multiple IP requests for single page
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} 123\.456\.789
RewriteCond %{REMOTE_HOST} 456\.789\.123
RewriteCond %{REMOTE_HOST} 789\.123\.456
RewriteCond %{REQUEST_URI} /requested-page\.html$
RewriteRule .* /just-for-you.html [R=301,L]
You may add as many IPs as you like, however, keep in mind that there may be a better way to block numerous addresses via pattern matching, depending on your needs.
[ Gravatar Icon ]
how about redirecting for a specific ISP. im trying to give a certain annoying character on my site a message, he uses a certain ISP that none of my other uses use. In my log files he shows up as
##-###-##-###.dhcp.insightbb.com
His ip is constantly changing and im talking about every octet, not just the last 2.
[ Gravatar Icon ]
Hi Tweak, try the following code in your root htaccess file:

  Order Allow,Deny
  Allow from all
  Deny from dhcp.insightbb.com
This should do the trick, however it would be better to block via range of IP addresses. Using the hostname to prevent access requires your server to execute a reverse-DNS request with the DNS network, thereby reducing performance for every server request.
[ Gravatar Icon ]
I need to bar a specific ISP from allowing any of their customers access to my website. Will this code in .htaccess do that?
[ Gravatar Icon ]
Yup, should work fine! :)
Here is another way of blocking a specific ISP via its IP address(es).

 Order Allow,Deny
 Allow from all
 Deny from 123.123.123.
 Deny from 456.456.456.
..etc. You could also block via the ISP’s hostname, but there is a negative impact on performance because of all the reverse-DNS requests.
[ Gravatar Icon ]
I am trying to block an employer’s ISP from visiting my blog. It is outside their sphere of influence in my life however, I get constant criticism. I would like to redirect or block the ISP - not sure exactly if that is what this code is doing. I do not however want a message to come up that says, “You have been denied access to this page” - I just want it to be a frustrate them by redirects until they stop trying.
I am novice enough that I don’t know for sure that I know where to put this code or which part of it I need - and need to edit.
I apologize for being high maintenance about this - but any help you could offer would be greatly appreciated. Please do not comment ON my blog about this issue for the above stated reasons!
[ Gravatar Icon ]
Hi jewls, the code in the article should work fine for blocking a specific ISP. You will need to obtain the IP address of the ISP and then edit the code accordingly. The code should then be placed into your site’s web-accessible root HTAccess file. Then to display a custom error message, create a web page as desired and edit the HTAccess code to reflect the its location on your server. Once everything is in place, all visitors coming from the specified ISP will receive the “access-denied” message.
[ Gravatar Icon ]
Bob#18
Hi, I have a small fan-site that keeps being abused by one person who targets me from multiple family/friend computers. (136 contact form emails in 3 months is insane). I can see it’s him via online IP locators and they are always within a 50mile radius. There’s a real hotspot for activity in his area and it’s really annoying - I don’t get it from anywhere else. So far I’ve been collecting his specific IPs to block via a php script, but inevitably, the following week he uses a different computer and he’s at it again. The IPs are always different but generally the first 2 octets in common (A spate of attacks where the first 2 octets are always the same and on the next spate they’ve changed, but again, the first 2 octets are the same throughout that attack session - This is where I can see he is in a different town.)
What I would like to do is block his ranges of IPs and refer him to a “You are not welcome” page. I’m not IP savvy so would it be best to block him based on the first 2 octets or be more specific and do it on 3? If it means blocking a handful of innocent visitors in his area, so be it - I just cant stand the continued abuse anymore.
Also, what would the code be to do it?
I’m sorry for the longwinded message but I’m at my wits end!
[ Gravatar Icon ]
Hi Bob, I understand your frustration with malicious harassment. Fortunately, the article above provides everything you need to handle this situation effectively and securely. As you say, however, there will be a considerable number of users who will no longer enjoy access to your site, but sometimes stopping malicious behavior is worth the sacrifice. Good luck!
[ Gravatar Icon ]
Jonathan#20
Here’s how to do an “entire” ISP. For some values of “do” … :-) I’ll use “perishablepress.com” as the ISP “customer” I want to “do” …
a) find the IP of the customer:
user@host:~$ dig +short perishablepress.com
207.210.105.30
b) Find the containing netblock:
user@host:~$ whois 207.210.105.30
[examine output, looking for “netrange”, “cidr”, “inetnum”, or anything else that means “more than one IP”]
user@host:~$ whois 207.210.105.30 | grep -i cidr
CIDR: 207.210.64.0/18
c) Create a regular expression from this:
c1) Make sure a perl module is installed: CPAN - NetAddr::IP
[debian unstable or ubuntu gutsy or hardy: sudo apt-get install libnetaddr-ip-perl; redhat: have fun with that …]
c2) create an executable script with this in:
user@host:~$ cat bin/netblock2regex
#!/usr/bin/perl
use NetAddr::IP;
my $ip = new NetAddr::IP $ARGV[0], $ARGV[1];
print $ip->re(), "\n";
c3) Use the script
user@host:~$ ./bin/netblock2regex 207.210.64.0 18
?:(?
78|79|80|81|82|83|84|85|86|87|88|89|90|91|92|93|94|95|96|97|98|99|
100|101|102|103|104|105|106|107|108|109|110|111|112|113|114|115|
116|117|118|119|120|121|122|123|124|125|126|127)
\.(?:[0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(?![0-9]))
That string takes the place of the “123.\123\.123” in your htaccess file. Everything else stays the same.
HTH,
Jonathan
PS The string will probably get munged by the commenting system. There should be *no* animated smileys in your htaccess file … :-)
[ Gravatar Icon ]
Thanks for the info Jonathan. A few more explanatory notes and that comment would make an excellent article in and of itself. ;)
I think your method raises an important point. I seemed to have missed the fact that ISPs generally employ an entire range of IP addresses, not just one, as I mistakenly suggested in previous comments. Even so, I think it would be much easier to block an entire ISP (based on its CIDR number) by simply using something similar to this in your site’s web-accessible root HTAccess file:
# block ISP by CIDR

   Order Allow,Deny
   Allow from all
   Deny from 207.210.64.0/18
I am not that familiar with the perl language, so correct me if I am mistaken, but wouldn’t this technique be easier than the method described in your comment?
Regards,
Jeff
[ Gravatar Icon ]
Hi Jeff,
Great article. I have one question though: How do I redirect a page that is being served up by Wordpress’ rewrite rule?
For example, I would like to have this page:http://truthdaredoubledare.com/projects/haruurara/ redirect if requested from a specific DNS. I’ve tried the following to no avail :/
# RewriteEngine On
# RewriteBase /
# RewriteCond %{REMOTE_HOST} xxx\.xxx\.xxx
# RewriteCond %{REQUEST_URI} ./wordpress/page-to-block\.php$
# RewriteRule ./wordpress/page-to-redirect.php [R=301,L]
Thanks in advance :D
[ Gravatar Icon ]
Hamster#23
Nice tips, hopefully it will be handy for me.
I have been using toolator’s ip blocker for sometime now, which is basically pasting a html code onto the site. However they are now charging for there services, and i donät make that much money……lol.
would all that, which has been written above, be used in html format.
forgive me for being thick, but this is not my specialised subject.
[ Gravatar Icon ]
@Jeremy: I have yet to try this myself, but looking at your code, I might suggest removing the PHP file extension (i.e., \.php) from the second rewrite condition. Also, in the rewrite rule itself, you could try adding a string to match against, for example:
RewriteRule (.*) http://domain.tld/target-file.php [R=301,L]
[ Gravatar Icon ]
@Hamster: The code presented in the article will work with any web-served document, XHTML, HTML, PHP, or otherwise. You will need access to an htaccess file (or the Apache config file) to implement it, but once in place, it should work just fine.
[ Gravatar Icon ]
Emmx#26
Great bit of code, I came to comments as I had a question and found my answer here :) Thanks to the coder!
[ Gravatar Icon ]
My pleasure, Emmx, thanks for the positive feedback :)
[ Gravatar Icon ]
lenny#28
Would this work with myspace?
[ Gravatar Icon ]
Hi lenny,
No, unfortunately the redirect method described in the article is a server-side technique that requires server access to implement. I think MySpace recently restricted server access to staff only, sadly..
[ Gravatar Icon ]
I’ve setup the redirect in my .htaccess above - but has anyone else found that it slows down regular access to the web site?
I tested blocking my IP - took a while for the redirected page to appear, when I tried it from another connection - I couldn’t access my site, it just stayed there trying to find the page.
Is this something I’ve done?
[ Gravatar Icon ]
@Sheps: Nope, Apache is great at handling simple redirects (and even complicated ones!). Granted, using mod_rewrite is not the optimal way of identifying IP addresses, but it is needed to accomplish the URL-specific redirect. Perhaps there is another issue involved..?
[ Gravatar Icon ]
Almir#32
How to redirect using .htaccess
from:
mysite.com/index.php?option=com_jdownloads&Itemid=49&task=viewcategory&catid=9
to:
mysite.com/index.php?option=com_jdownloads&Itemid=49&task=viewcategory&catid=7
it ’s not working if use %{REQUEST_URI}
[ Gravatar Icon ]
@Almir: Try targeting the query string via the %{QUERY_STRING} variable.
[ Gravatar Icon ]
Almir#34
can you post example using query string, please
[ Gravatar Icon ]
Sure, here is a basic example of how to target the query string:

   RewriteCond %{QUERY_STRING} target\-string\-01 [NC,OR]
   RewriteCond %{QUERY_STRING} target\-string\-02 [NC]
   RewriteRule .* - [F,L]
That should provide enough information to facilitate further research via Google or your favorite search engine. Replace each of the target strings to match your desired query string and you should be good to go!
[ Gravatar Icon ]
This works great for redirecting a specific requested page from a specific IP to a custom page on your site.
Is it possible to redirect for any/all pages requested on the site. I still want to send that specific IP request to a custom page just for them.
# permanently redirect specific IP request for single page
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} 123\.456\.789
RewriteCond %{REQUEST_URI} /requested-page\.html$
RewriteRule .* /just-for-you.html [R=301,L]
[ Gravatar Icon ]
Hi Tony, you should be able to remove that last RewriteCond and get the desired results. You may also want to check out this technique, which requires a password for any specified IPs, allowing open access to everyone else.
[ Gravatar Icon ]
Jeff:
Thanks for the response. I have been struggling with this for a few days and can’t get it to work. I had already tried it without the last RewriteCond and it still fails. I think what’s happening is, because the IP address is blocked, when the last line ties to send the IP address to the/just-for-you.html page, it gets caught in a loop that is blocking the /just-for-you.html page .
I tried adding this to the htaccess file and that did not work.
order allow,deny
allow from all
I also included the same code to allow for any image or sound files that were part of the /just-for-you.html page. - And it still loops.
Now I was testing this with my IP address, so maybe that has something to do with it. But when I set up a ErrorDocument 403 custom 403 page, I tested it with my IP address and it worked.
I will try the password technique (thanks) but this is driving me crazy that I can’t get it to work.
[ Gravatar Icon ]
Tony, perhaps, but keep in mind that we are not blocking anything here, only redirecting requests to a specific page.
By the way, how are you testing the target IP address? Are you using two different IP addresses to test with? The first thing to do is make sure the rewrite works by removing the IP condition and just seeing if everyone is redirected. Then, if that works, try blocking a target IP via 403 without the page redirect.
This may not yield fruit, but is where I would begin testing if I had the time.
Let me know how the password-protection method goes. You may even find what you need from that code to rig up something that is more in line with your stated objectives.
Good luck :)
[ Gravatar Icon ]
Jeff:
You’re right. I’m not blocking anything, just redirecting. I don’t know why I had it in my head that this was a block.
But now I’m really stumped. I thought there might be something in my htacess file that was causing a conflict with this rewrite. So I removed everything except this to get a clean test:
RewriteEngine On
RewriteBase /
RewriteRule .* /just-for-you.html [R=301,L]
As suggested I took out the IP condition and it still choked. What’s weird is that if I change the last line to a page somewhere else on the web, i.e., not a page on my site, it works fine. Or if I add:
RewriteCond %{REQUEST_URI} /requested-page\.html$
which if someone is already at the site and wants access to a specific requested page, it redirects just fine. But if I try to redirect from entering the site at all, it chokes.
I even tried a different browser. With IE, the page just doesn’t load. Just sits there blank page - no information. When I tried to access the page with Google’s Chrome, It still would not access the page, but it did indicate this error message:
the web page at (www.website.com/just-for-you.html) has resulted in too many redirects. Clearing your cookies for this site may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer. Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.
Tried clearing the cookies, rebooting, cleared the temp Internet file and still nothing. Maybe there is something goofy on the server side with Apache that is out of whack.
Blocking via 403 works with the system 403 page or custom page but that is the page everybody gets. Can you have different 403 pages. i.e. one for everyone and others tied to a specific IP?
Haven’t tried the password method yet because I wanted to see if I could solve this first. Perhaps I will try that and move on if I can’t get this resolved.
Sorry for the long post.
[ Gravatar Icon ]
Peter#41
Hi Jeff,
Thanks for the details and instructions on how to redirect. This article is a great resource.
I have one question, I am using your above mentioned code:
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} 123\.456\.789
RewriteCond %{REQUEST_URI} /requested-page\.html$
RewriteRule .* /just-for-you.html [R=301,L]
The problem I am having is that I am trying to redirect my home page, so I don’t know what to enter as the requested-page. I tried my index page but the redirect didn’t work. Any idea how to redirect the root page of the website?
thanks for your time.
[ Gravatar Icon ]
Hi Peter, have you tried just using a forward slash:
^/$
Haven’t tested, but it should work.
[ Gravatar Icon ]
Simon#43
Quick question on using the htaccess files to perform redirection…. Basically the need I have is to redirect anyone that hits a certain directory except for the localhost.
So if anyone manages to hit the images drectory I use for my site, they will be redirected to a gallery page. But if I simply do the
Redirect 301 /images/directory/ http://site.com/gallery/index.php
This kills any image I have used in a webpage because it is not filtering out localhost from the redirect.
Is there any way to do this??
[ Gravatar Icon ]
Simon#44
Allrighty…. So afer having a fiddle with this I stumbled upon a remarkable thing that answered my previous question…. If you perform the 301 redirect using mod_rewrite, it no longer breaks any images that are embedded into pages.
So this entry in htaccess
Redirect 301 /images/subdir/ /images/index.php
breaks any embedded images as the localhost is not excluded from the redirect.
But this entry in htaccess
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} /images/dir/$
RewriteRule .* /images/index.php [R=301,L]
does not break any of it…
I have a suspicion that it may also have the side affect of killing hotlinking to the images from other sites… Have not tested that thought at all.
Thanks Jeff for writing the original article and everyone else for commenting, which gave me plenty to think on and experiment with.
I guess that voodoo wins everytime eh
[ Gravatar Icon ]
Hi Simon, glad to hear you got it sorted and working. HTAccess is nothing but voodoo, bordering on black magic at times. I have spent many a sleepless night wrestling with such directives, only to discover hours later a missing dot. Always a learning experience for sure.
[ Gravatar Icon ]
Simon#46
Jeff… hehe I know what you mean about missing a character in a string. Many a drinking session has been caused by that scenario….
I need to straigten out a furfie I said in my last post…
I mistakenly referred to local host being being included or excluded from the redirect.
This is not the case. The rule I posted above only works on the directory name, hence excluding the actual file from the rewrite.
I also checked as to whether it also kills the direct linking and it does not. Looking back I am not sure why I thought it would.
Sorry to ramble on, I don’t wish to be the cause of misinformation though with that previous comment. If I managed to get anything wrong again this time round, feel free to correct me.
[ Gravatar Icon ]
Thanks for following up with the clarification, Simon. You may have just saved the next guy from hitting the bottle. Always good to be thorough with plenty of documentation. Cheers.
[ Gravatar Icon ]
Baruch#48
Hi Jeff,
I’m a novice Clickbank publisher with just a handful of affiliates, whom I feel I need to cherish and take care of:). Similarly I’m a complete noob when it comes to server side scripts and such. I’ve been looking for a solution to my problem for few good weeks now and I would really appreciate you help.
I’m looking for a way to separate traffic coming to www.mywebsite.comfrom affiliate links, from the rest of the traffic, and send them to different pages. As Clickbank passes the affiliate’s nickname to the vendor in a parameter called “hop”, I would like all page requests containing parameter “hop” (*/?hop=) to be directed to www.mywebsite.com/index.html where customers can pay using Clickbank gateway, making my affiliates happy, whereas redirect all the remaining traffic towww.mywebsite.com/index2.html where a different payment processor is set up.
Is this something that can be done to .htaccess? If so, how?
I would be eternally grateful for any help.
Thanks,
baruch
[ Gravatar Icon ]
Hi Baruch, it should be do-able using Apache’s QUERY_STRING parameter. Use something like:

 RewriteCond %{QUERY_STRING} hop [NC]
 RewriteRule (.*) http://www.mywebsite.com/index.html [R=301,L]
Haven’t tested this, but the logic is sound and should get you started.
[ Gravatar Icon ]
Baruch#50
Hi Jeff,
Really appreciate your help so far. I have forgotten to mention that all affiliate links containing the parameter “hop” go to index.html by default.
So, for instance http://www.mywebsite.com/?hop=affiliatename is directed to index.html. What I have no idea about is how to redirect the rest of the hop-less traffic to index2.html
[ Gravatar Icon ]
Just as we are targeting query strings containing “hop”, we can target query strings that don’t contain it by using a “not” operator (exclamation point) before the target string:

 RewriteCond %{QUERY_STRING} !hop [NC]
 RewriteRule (.*) http://www.mywebsite.com/index2.html [R=301,L]
This would catch everything without hop in the query string and redirect it to the alternate index page.
[ Gravatar Icon ]
Baruch#52
Hi Jeff,
The last code is working, or not :\ . Firefox gets to index2.html, but the page displays the following error message:
>>The page isn’t redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.<<
IE gets to index2.html after 15 minutes of loading. The page is displayed without formatting, pictures, etc. but at least it’s there.
I don’t know what to think about it. If you have any ideas please let me know and thank you from the bottom of my heart for your help!
Baruch
[ Gravatar Icon ]
Ah, you might want to try adding this just above the rewrite rule:
RewriteCond %{REQUEST_URI} !/index2.html$
That should do the trick..
[ Gravatar Icon ]
Baruch#54
Jeff, you are a genius!:))
The script is working flawlessly now! I’m so relieved!
Thank you sooo much for taking the time to tweak the code for me and patiently answering my questions.
Big THANKS!:)
baruch
[ Gravatar Icon ]
@Baruch: you’re welcome :)
[ Gravatar Icon ]
Jeff, I have been researching the net for tips on redirecting traffic to specific pages depending on their IP address. So far you material is the soundest and most complete so I know you are going to be able to help me.
Here is the question:
I need to redirect traffic from my Index.html to a specific page depending on the country of origin of the IP address.
I have a block of 400+ IP ranges for a specific country and have tried the following code with no results. I have included only three IP ranges to simplify the example. The last IP is mine so I can check if the code works.
RewriteEngine on
RewriteBase /
RewriteCond %{REMOTE_HOST} 111.222.0.0/9
RewriteCond %{REMOTE_HOST} 333.444.0.0/9
RewriteCond %{REMOTE_HOST} 555.666.0.0/9
RewriteCond %{REMOTE_HOST} 777.888.99.10
RewriteCond %{REQUEST_URI} ^/$
RewriteRule .* /default.html [R=301,L]
[ Gravatar Icon ]
Hi Cristian, the first thing that jumps out at me when looking at this code is the fact that it is impossible to satisfy the given conditions. As written, your rewrite conditions are saying effectively:
If the remote host is from this IP range and this IP range and this IP range, and the requested URI is root, then apply the redirect rule.”
What you want to say, rather, is this:
If the remote host is from this IP range or this IP range or this IP range,and the requested URI is root, then apply the redirect rule.”
The key here is to add [OR] flags at the end of the appropriate conditions. Something like this:
RewriteCond %{REMOTE_HOST} 111.222.0.0/9 [OR]
RewriteCond %{REMOTE_HOST} 333.444.0.0/9 [OR]
RewriteCond %{REMOTE_HOST} 555.666.0.0/9 [OR]
RewriteCond %{REMOTE_HOST} 777.888.99.10
RewriteCond %{REQUEST_URI} ^/$
RewriteRule .* /default.html [R=301,L]
Lines without the explicit [OR] flag are interpreted in additive fashion, which is why your code fails — it is impossible for any single host to be coming from multiple IPs.
[ Gravatar Icon ]
Jeff ,
Thanks it works ! at least redirects when I go to the main page.
Now I have to contact someone within the particular IP block to see if does there too.
Thanks
[ Gravatar Icon ]
Jeff, I am trying to redirect to a certain page according to the IP address for a geographic region.
With your help (Sep 14) so far I have the following:
RewriteEngine on
RewriteBase /
RewriteCond %{REMOTE_HOST} 11.222.0.0/17 [OR]
RewriteCond %{REMOTE_HOST} 44.55.64.0/19
RewriteCond %{REQUEST_URI} ^/$
RewriteRule .* /default.htm [R=301,L]
This works perfectly when I include my specific IP to test it (or anyone else’s ) but it seems to be ignoring the IP ranges using CIDR notation.
I am trying to redirect to specific pages depending on the country or origin of tbe request to my index page.
Thanks again,
Cristian
[ Gravatar Icon ]
Hi Cristian, not sure what might be happening here, but there is another notation that you can use whereby the last octet of the IP address is omitted from the rewrite condition.
By omitting one (or more) of the octets, you essentially create a wildcard address that will match anything beginning with whatever octets remain.
I hope it helps!
[ Gravatar Icon ]
I am trying to keep certain people from my website and am trying to use this script:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} 127\.0\.0\.1
RewriteRule .* /banned.htm [R=301,L]
RewriteCond %{REQUEST_URI} "/functions/"
RewriteRule (.*) $1 [L]
RewriteRule ^([^.]+)/?$ /index.php?page=$1 [L]
Now, it does and doesn’t work. First it seems to be in an eternal loop. Then I delete the lines from RewriteBase to [R=301,L] and all of a sudden my banned page comes up.
What I want is to add lines to my .htaccess and redirect seveeralip’s to several different pages. This might seem silly, but for me it makes perfect sense. For some reason though, I keep failing unless I redirect to a different domain :(
Can you help?
[ Gravatar Icon ]
Hi Michel, isn’t 127.0.0.1 the IP address for localhost (i.e., your server)? That would explain why it only works when you redirect to an external domain.
[ Gravatar Icon ]
O crap…. yes. let me have the server listen on another address. This makes perfect sense of course. Thanks for pointing that one out.
[ Gravatar Icon ]
Thanks Jeff, just came across this post while trying to go live with a new site early so a client & myself could input content but everyone else would see a splash page.
The [OR] variable for multiple IP addresses was getting me!
[ Gravatar Icon ]
@Justin: Ah yes, I should have mentioned the [OR] flag for multiple IPs. For others who may need help:
# permanently redirect specific IP request for single page
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} 123\.456\.789 [OR]
RewriteCond %{REMOTE_HOST} 456\.789\.123 [OR]
RewriteCond %{REMOTE_HOST} 789\.123\.456
RewriteCond %{REQUEST_URI} /requested-page\.html$
RewriteRule .* /just-for-you.html [R=301,L]
Note the absence of the [OR] flag on the last IP condition.
[ Gravatar Icon ]
HuntingKnowledge#66
HI Jeff m
I have a site up and running and a webautomated bot of an organisation is running is probing malacious requests changing the User agent so i blacklisted the access to the whole automised bot CIDR range by mentioning this in my .htaccess file
order allow,deny
deny from xx.xx.xx.x/xx
allow from all
When i check the access logs the bot still was able to get the confirmation of 302 confirmation from the server for /olddirectory/ in access logs and when i check the error logs the bot is getting rejected and access is denied some times may be from the root directory.
As the bot is concentrated on knowing the existence/files in the/olddirectory/ i am thinking if this script works out
# permanently redirect specific IP request for entire site
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REMOTE_HOST} 22\.22\.22\.239
RewriteRule /olddirectory/ http://www.newsite.com/ [R=301,L]
let me know if i could deviate the bot and save my bandwith and divert the evil bot with the above included in my htaccess also let me know to include the whole range of CIDR and do the same..
any help would be appreciated :)
[ Gravatar Icon ]
Lisa#67
This page has been very helpful. I have a question. There is a person I want to put a redirect on when he accesses my site. But he is with a popular ISP where many of my friends also use. So I can’t simply block the ISP. The ISP changes his IP address frequently, so I can’t simply block a range of IPs without also blocking out my friends. I’ve monitored access log long enough to notice a pattern. Based on geography, his hostname always comes across as: fixedname.variablename.ispname.com, and with that I can pretty confidently say all accesses from fixedname.*.ispname.com is from this person. The ISP seems to divide the city into fixed blocks that I can tie the fixedname to this person’s location.
Is there a way to say:
RewriteCond %{REMOTE_HOST} fixedname.*.ispname.com?
Thanks.
[ Gravatar Icon ]
Hi Lisa, yes something like this should do it:
RewriteCond %{REMOTE_HOST} fixedname\.(.*)\.ispname\.com [NC]
RewriteRule .* - [F]
[ Gravatar Icon ]
Seems like a great tool. Together with the comments, I think I’ve found what I want to do, but there’s one thing I wonder if it works.
I have this subsite after a /
So basically www.mydomain.com/house is a different site thanwww.mydomain.com
The site in the /house folder is both in Thai and in English, and I’m planning to use this script to redirect Thai IPs automatically to the Thai version, and all others to the English:
RewriteCond %{REMOTE_HOST} 111.222.0.0/9 [OR]
RewriteCond %{REMOTE_HOST} 333.444.0.0/9 [OR]
RewriteCond %{REMOTE_HOST} 555.666.0.0/9 [OR]
RewriteCond %{REQUEST_URI} ^/$
RewriteRule .* /thai/ [R=301,L]
Assuming I manage to find all (or at least most) Thai IP ranges, this should work, shouldn’t it? However, if I upload the htaccess file to the /housesubdirectory, will it work? Or does such a file only work in the root directory?
[ Gravatar Icon ]
Hi BenTrein, yes, I think so.. Logically, your code is saying this:
  • If the IP is address is within this range OR
  • if the IP address is within this range OR
  • if the IP address is within this range OR
  • if the requested URI is root..
  • Then redirect all requests to the thai subdirectory.
If that sounds like what you are trying to do, then yes it should work as expected. If placed in the /house/ directory, the redirect will go to/house/thai/ directory. In other words, yes it should work in the subdirectory (instead of root), but the relative URI will be determined with the containing directory (i.e., /house/) as root.
[ Gravatar Icon ]
Lisa#71
Thanks Jeff,
I didn’t know you can have hostname as arguments to RewriteCond, I thought you could only have IP addresses. I’ll give that a try.
[ Gravatar Icon ]
Thanks a lot Jeff. I haven’t implemented it yet, but I’ll upload such a htaccess file to the sub-directory.
If I have a different htaccess file in the root directory, will it create a conflict?
[ Gravatar Icon ]
Shouldn’t be a problem.. just keep in mind that the htaccess files/directives execute in cascading fashion. I.e., it is possible for your subdirectory rules to override those in your root file.
[ Gravatar Icon ]
Thekla#74
I have a stalker that I am trying to redirect and I am using your code in htaccess but it isn’t working.
[ Gravatar Icon ]
Thekla, post the code you are using, with each line wrapped in tags, and someone will take a look at it..


[ Gravatar Icon ]
Thekla#76
Thank you. Your help is greatly appreciated.
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} xx\.xxx\.xxx\.xxx
RewriteCond %{REQUEST_URI} /terridelights\.com$
RewriteRule .* /stalkeralert.html[R=301,L]
[ Gravatar Icon ]
Instead of REMOTE_HOST, try with REMOTE_ADDR, and then also remove the second RewriteCond:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^789\.123\.456\.3$
RewriteRule .* http://terridelights.com/stalkeralert.html [R=301,L]
Notice the full URL in the RewriteRule. Here is more information onmod_rewriting using eight different variables.
[ Gravatar Icon ]
Thekla#78
I tried what you put verbatim and I get this message
The page isn’t redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
* This problem can sometimes be caused by disabling or refusing to accept
cookies.
I checked in my internet options and am currently accepting cookies.
Please help
[ Gravatar Icon ]
Ah yes, let’s try this:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^789\.123\.456\.3$
RewriteCond %{REQUEST_URI} !/stalkeralert.html$ [NC]
RewriteRule .* http://terridelights.com/stalkeralert.html [R=301,L]
I forgot about the infinite loop ;)
[ Gravatar Icon ]
Thekla#80
Am I your biggest pest?
I redid it with what you posted, changed the ip of course, and got the same message as before.
[ Gravatar Icon ]
Hmm, not sure what’s going on.. maybe try placing an [OR] at the end of the second first RewriteCond..?
[ Gravatar Icon ]
Thekla#82
I have been trying to get this for days. I tried the OR as you have it and, I hate to say that it isn’t working. I called my hosting company and they said it should accept the .htaccess file. If you can think of something else, please let me know. In the meantime, I will keep searching.
Continue Reading...