1

I want a mod_rewrite rule not to be executed when traffic is hitting the web-server from internal network. The web server is an apache 2.2 The following RewriteCond is meant to guard the rewrite rule.

        RewriteCond %{REMOTE_ADDR} !=192\.168\.[0-15]\.[1-255]

If I access the web server using ip 192.168.15.173, the rule doesn't seem to kick in and thus the rewrite rule is executed despite my internal address. Where is my mistake?

Matching for the simpler:

    RewriteCond %{REMOTE_ADDR} !=192\.168\.15\.173

fails as well.

I used the "Blocking of Robots" example in http://httpd.apache.org/docs/trunk/rewrite/access.html to build the rule. Am I missing something?

Edit: I already tried to investigate using rewrite logging, but that didn't bring up any useful information. That's what happens during the request:

    192.168.15.173 - - [12/Jun/2013:13:50:17 +0200] [example.com/sid#7f3c6afb5e30][rid#7f3c6f864b68/initial] (2) init rewrite engine with requested uri /test/
    192.168.15.173 - - [12/Jun/2013:13:50:17 +0200] [example.com/sid#7f3c6afb5e30][rid#7f3c6f864b68/initial] (3) applying pattern '^/test/(.*)' to uri '/test/'
    192.168.15.173 - - [12/Jun/2013:13:50:17 +0200] [example.com/sid#7f3c6afb5e30][rid#7f3c6f864b68/initial] (2) rewrite '/test/' -> 'https://example2.com/'
    192.168.15.173 - - [12/Jun/2013:13:50:17 +0200] [example.com/sid#7f3c6afb5e30][rid#7f3c6f864b68/initial] (2) explicitly forcing redirect with https://example2.com/
    192.168.15.173 - - [12/Jun/2013:13:50:17 +0200] [example.com/sid#7f3c6afb5e30][rid#7f3c6f864b68/initial] (1) escaping https://example2.com/ for redirect
    192.168.15.173 - - [12/Jun/2013:13:50:17 +0200] [example.com/sid#7f3c6afb5e30][rid#7f3c6f864b68/initial] (1) redirect to https://example2.com/ [REDIRECT/302]

I don't even see the RewriteCondition mentioned in this log.

Edit2: The apache version in detail is:

Name        : httpd
Arch        : x86_64
Version     : 2.2.15
Release     : 26.el6.centos
Size        : 2.9 M
Repo        : installed
From repo   : anaconda-CentOS-201303020151.x86_64

Edit3: I upped the LogLevel to 4 and now I get more results:

192.168.15.173 - - [12/Jun/2013:14:18:05 +0200] [example.com/sid#7f3c6afdfdb0][rid#7f3c6f880568/initial] (4) RewriteCond: input='192.168.15.173' pattern='!=192\.168\.15\.173' => matched

Why does this match?

Edit4: http://regexr.com?356tm tells me, that it shouldn't match ...

noamik
  • 163
  • 1
  • 2
  • 10
  • Turn on rewrite logging and check the rewrite logs. – Jenny D Jun 12 '13 at 11:47
  • I already did, but that didn't help me to understand the issue ... – noamik Jun 12 '13 at 11:54
  • What is exactly your Apache's version? – cuonglm Jun 12 '13 at 12:11
  • I added the detailed apache version to the question ... – noamik Jun 12 '13 at 12:13
  • This is as much a duplicate to my question as my answer is a duplicate to almost any documentation of regexs. There was a specific question which had a specific answer. My question is neither asked nor answered by your reference. The current topvoted answer there simply explains regexs, just like any regex documentation or tutorial out there on the web does. – noamik Apr 08 '14 at 15:59

1 Answers1

3

I found the answer to my question. The correct condition should have been:

RewriteCond %{REMOTE_ADDR} !192\.168\.[0-9]+\.[0-9]+
noamik
  • 163
  • 1
  • 2
  • 10