1

Ref: Correct way to block a site if a cookie isn't present apache 2.4

We followed the answer and it didn't work.

We want to redirect to another page when the cookie does NOT exist (or contain the correct information).

We're tried this:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123
RewriteRule .* - [R=503,L]

The above works as a negative condition.

We tried these examples (we've had to change the URLs to be able to post the question):

RewriteCond %{HTTP_COOKIE} !abc_f8Dple7LxGXcSUgHjFrx
RewriteRule .* www.example.co.uk/no-access [R=301,L]

RewriteCond %{HTTP_COOKIE} !^abc_f8Dple7LxGXcSUgHjFrx=([^;]+)
RewriteRule .* www.example.co.uk/no-access [R=301,L]

RewriteCond %{HTTP_COOKIE} !^abc_f8Dple7LxGXcSUgHjFrx
RewriteRule .* www.example.co.uk/no-access [R=301,L]

RewriteCond %{HTTP_COOKIE} !abc_f8Dple7LxGXcSUgHjFrx=([^;]+)
RewriteRule .* www.example.co.uk/no-access [R=301,L]

None of these are working. If we remove the ! symbol (making it a positive condition) they work.

Can someone help with this please?

We'd like to get this to work on Apache 2.2 and 2.4 as we can't get it to work on both.

Community
  • 1
SWS
  • 11
  • 2
  • In situations like this, enabling the rewritelog is probably the fastest way to troubleshoot it. If you can enable it and look at the output then you may see the problem very quickly, but if you have trouble interpreting the output, then paste it here. Details on how to enable it are here: http://wiki.apache.org/httpd/RewriteLog – Unbeliever Sep 20 '16 at 13:48
  • Make sure your browser cache is clear - any previous _erroneous_ redirects will have been cached by the browser. (It is sometimes easier to test with 302s for this reason). Check the network traffic (HTTP request headers) and check the `Cookie:` header - this will also inform you if the response (ie. redirect) is being pulled from the browser cache. – MrWhite Sep 20 '16 at 13:53
  • "they work" - By "work" do you mean the redirect is triggered successfully? "...we've had to change the URLs" - I guess this _error_ occurred when the URL was exemplified, but the substitution is missing a _scheme_, so these could never "work". – MrWhite Sep 20 '16 at 16:54

0 Answers0