使用 HTACCESS 从查询字符串中删除 IP 地址
我有一个像这样的网址:
我正在尝试从 URL IP=16 中的查询字符串中删除以下查询变量9%2E59 %2E201%2E137,同时保持字符串的其余部分不变。该变量是一个 IP 地址,每次可能是不同的 IP 地址,但始终是一个 IP。如果出于安全原因在查询字符串中找到 IP 地址,我使用的 CMS 系统之一将会出错。不幸的是,我需要获取从支付网关发送的数据,而网关无法关闭从支付网关发送的 IP 地址。如果我要捕获发送到 CMS 的数据,那么我需要使用 HTACCESS 删除或替换查询中的 IP。
RewriteEngine On
RewriteCond %{THE_REQUEST} ^GET\ /.*\ HTTP/ [NC]
RewriteCond %{QUERY_STRING} IP= [NC]
RewriteCond %{QUERY_STRING} (.*)(IP=[0-9]{1,3}%252E[0-9]{1,3}%252E[0-9]{1,3}%252E[0-9]{1,3})(.*) [NC]
RewriteRule .* %{REQUEST_URI}?%1%3 [R=301,L]
所以,我开始写这样的东西,但说实话,我不擅长 mod_rewrite 和正则表达式。
我不在乎它是否被设置为IP=123,或者只是被删除,但它不能被格式化为IP。如果您能提供帮助,请告诉我!
I have a URL like so:
I'm trying to remove the following query variable from the query string in the URL IP=169%2E59%2E201%2E137 while leaving the rest of the string intact. That variable is an IP address which may be a different IP address each time, but will always be an IP. One of the CMS systems I use will error out if an IP address is found in the query string for security reasons. Unfortunately, I need to get data sent from a payment gateway, and there's no way at the gateway to turn off the IP address that's being sent from them. If I'm to capture data sent to my CMS, then I need to have the IP in the query removed or replaced using HTACCESS.
RewriteEngine On
RewriteCond %{THE_REQUEST} ^GET\ /.*\ HTTP/ [NC]
RewriteCond %{QUERY_STRING} IP= [NC]
RewriteCond %{QUERY_STRING} (.*)(IP=[0-9]{1,3}%252E[0-9]{1,3}%252E[0-9]{1,3}%252E[0-9]{1,3})(.*) [NC]
RewriteRule .* %{REQUEST_URI}?%1%3 [R=301,L]
So, I started writing something like this, but honestly I suck at mod_rewrite, and regular expressions.
I don't care if it's set to IP=123, or just removed, but it can't be formatted as an IP. Please let me know if you can help!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我不确定你的前两个 RewriteConds 但类似的东西应该可以工作...
这确实假设 IP 地址后面总是有一个参数,如果不是这种情况,你可以删除 &但最终会得到双 & 符号。如果 IP 前面始终有一个值,则您始终可以将其移至 IP 之前。不管怎样,我假设您使用的任何服务都是相当标准的。
注意:我总是使用 302 进行测试,因为一旦浏览器缓存了转发,就很难测试更改。一旦有效,将其改回 301。
I'm not sure about your first two RewriteConds but something like this should work...
This does assume that there will always be a parameter after the IP address, if that isn't the case you could remove the & but you would then end up with double ampersands. You could always move it to before IP if there is always a value preceeding it. Either way I'm assuming whatever service you are using is fairly standard.
NB: I always use 302 for testing purposes as once a browser caches a forward it can be difficult to test changes. Once it works change it back to 301.
编辑:这实际上是错误的并且不起作用。我不会更改它,因为 Cags 的答案已经解决了问题,所以请忽略它。
您的问题是%{REQUEST_URI}包含 GET 值。所以你最后要做的只是将除 IP 之外的所有内容再次添加到末尾,但 IP 仍然存在。此外,您不需要所有这些条件。您应该能够通过一条规则完成这一切,如下所示:让我知道这是否适合您。EDIT: This is actually wrong and won't work. I'm not going to change it because Cags's answer already solves the problem, so please just ignore this.
Your problem is that%{REQUEST_URI}includes the GET values. So what you're doing at the end is just adding everything except the IP onto the end again, but the IP is still there. Also, you don't need all those conditions. You should be able to do it all with one rule, like so:Let me know if that works for you.