| Posted: 13 August 2008 at 5:07pm | IP Logged
|
|
|
Yesterday , we had the following httpd.ini file
[ISAPI_Rewrite]
# Block external access to the httpd.ini and httpd.parse.errors files
RewriteRule /httpd(?:\.ini|\.parse\.errors) / [F,I,O]
# Block visitors from China
RewriteCond %{REMOTE_HOST} (.*)\.cn(.*) [NC]
RewriteRule (.*) http\://oursite.com/ErrorPage.asp [I,RP]
It worked yesterday but not today after we added about 50 complex rules OR'd together like the sample below (used to block IP ranges). This is used to block some hackers attacking our system. It blocked access to all users. When we restored it to yesterday's file (above) it still didn't work-it tried to block access to all users-even though it worked yesterday. Nothing was installed on this server (IIS6/Win2003). Why would this happen and how can we get the IP address filtering to work? Is the complexity of the rules bringing ISAP_Rewrite down? We tried restarting the web site to no avail. It's on a shared server so we didn't want to reboot.
#IP Filtering rules
#RewriteCond %{REMOTE_ADDR} ^169\.208\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ [OR]
#RewriteCond %{REMOTE_ADDR} ^202\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ [OR]
#RewriteCond %{REMOTE_ADDR} ^203\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$
#RewriteRule .* - [F]
TIA,
Steve Shier
|
Helicon Tech : ISAPI_Rewrite 2.x support forum
Topic: ISAPI_Rewrite corrupted by complex rules?
Active Topics
Memberlist
Help
Register
Login
