使用 mod_rewrite 基于引用者进行重定向,忽略 GET 参数
我正在尝试根据引用来源限制使用 mod_rewrite 访问网页。 网页的网址是 http://www.example.com/path/to/page.php 它位于 Debian 服务器上的 /var/www/path/to/page.php
我有一个重写映射 allowedReferers
,其中包含 URL 列表
allowedReferers
我还有以下重写条件/规则
重写
Cond %{HTTP_REFERER} ^(.*)$
RewriteCond ${allowedReferers:%1|black} ^black$ [NC]
RewriteRule /* http://www.someotherplace.com [R,L]
到目前为止,这效果非常好。
可以访问网站,同时
被重定向到someotherplace.com。
我的问题是,在现实生活中,我的引用将包含 GET 参数。 例如
我的想法是将第一个条件重写为类似这样
RewriteCond %{HTTP_REFERER} ^(.*)\?.*$
或这样的
RewriteCond %{HTTP_REFERER} ^(.*)\?id=[0-9]*$
内容,我已经在 Firefox 的 RegexTester 中测试了这两个正则表达式,它们的行为符合我的要求。 应用于以下输入
他们以 $1
的价格返回此:
我预计%1
还包含减去 GET 参数的 URL。 因此,保持规则的其余部分不变:
RewriteCond ${allowedReferers:%1|black} ^black$ [NC]
RewriteRule /* http://www.someotherplace.com [R,L]
应该会产生预期的行为:
可以访问该网站,而
(或http://www.athirdplace.com/等)
将被重定向 是
不幸的 根本不按预期运行。 将更改应用于第一个条件后,突然每个引用者都可以访问该网站。
由于我想了解 %1
内部到底有什么,我想到了以下想法:
RewriteCond %{HTTP_REFERER} ^(.*)\?id=[0-9]*$
RewriteCond ${allowedReferers:%1|black} ^black$ [NC]
RewriteRule /* %1 [R,L]
假设引用来自
会将我重定向到
错误的假设。它将我重定向到
正如我在开头提到的,它是要限制访问的页面的地址。 当然会引发 404,因为 /var/www/
是 docroot。
重定向到 %1
只是调试我的问题的绝望尝试,因此我不需要解决方案来实现此目的。我正在寻找一种方法来解决我原来的重定向问题。 像这样的推荐人
(无论传递哪个id)
转到
而其他一切都去
最后,我也很感激任何如何调试mod_rewrite<的想法/code>,特别是查看
%{HTTP_REFERER}
、%1
、$1
等内容的方法。
I'm trying to restrict the access to a webpage with mod_rewrite, based on the referer.
The webpage's URL is
http://www.example.com/path/to/page.php
It is located on a Debian server in /var/www/path/to/page.php
I have a rewrite map allowedReferers
containing a list of URLs
allowedReferers
I also have the following rewrite conditions/rules
Rewrite
Cond %{HTTP_REFERER} ^(.*)$
RewriteCond ${allowedReferers:%1|black} ^black$ [NC]
RewriteRule /* http://www.someotherplace.com [R,L]
So far this works perfectly well.
Can access the website, while
gets redirected to someotherplace.com.
My problem is that, in real life, my referers will contain GET parameters.
e.g.
My idea was to rewrite the first condition to something like this
RewriteCond %{HTTP_REFERER} ^(.*)\?.*$
or this
RewriteCond %{HTTP_REFERER} ^(.*)\?id=[0-9]*$
I've tested both regexes in Firefox' RegexTester and they behave as I want them to.
Applied to the following input
they return this for $1
:
I expected that %1
also contains the URL minus the GET parameters.
So that, leaving the rest of the rule unchanged:
RewriteCond ${allowedReferers:%1|black} ^black$ [NC]
RewriteRule /* http://www.someotherplace.com [R,L]
should result in the expected behavior:
can access the website, while
(or http://www.athirdplace.com/ etc.)
will be redirected to someotherplace.com
Unfortunately it does not behave as expected at all.
Having applied the change to the first condition suddenly every referer has access to the website.
As I wanted to see what actually is inside of %1
, I came up with the following idea:
RewriteCond %{HTTP_REFERER} ^(.*)\?id=[0-9]*$
RewriteCond ${allowedReferers:%1|black} ^black$ [NC]
RewriteRule /* %1 [R,L]
Assuming that refering to the page from
would redirect me to
Wrong assumption. It redirects me to
which is, as I mentioned in the beginning, the address of the page whose access is to be restricted.
And of course provokes a 404, as /var/www/
is docroot.
Redirecting to %1
was just a desperate attempt to debug my problem, so I do not need a solution to achieve this. What I'm looking for is a way to solve my original redirection problem.
Referers like these
(no matter which id is passed)
go to
while everything else goes to
Finally I would also appreciate any ideas how to debug mod_rewrite
, especially ways to peek into stuff like %{HTTP_REFERER}
, %1
, $1
, and the likes.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
刚刚找到了如何(至少部分)调试 mod_rewrite 的解决方案:
提供了一个非常方便的技巧来输出 mod_rewrite 正在使用的一些值。
我对示例进行了一些修改,如下所示:
mod_rewrite_debugger.php 仅包含
输出为:
这表明我最初的假设是正确的。
不幸的是,当应用第二个条件时,调试器不再工作:
产生以下输出:
事实证明,规则突然按照最初的预期工作。问题自行解决了。
也许这对某人有帮助。
Just found a solution how to (at least partially) debug mod_rewrite:
http://www.latenightpc.com/blog/archives/2007/09/05/a-couple-ways-to-debug-mod_rewrite
provides a very handy trick to output some of the values mod_rewrite is using.
I modified the example a little bit, to the following:
mod_rewrite_debugger.php just contains
The output is:
Which shows that my original assumption was right.
Unfortunately the debugger doesn't work anymore when the second condition is applied:
produces the following output:
Turns out that the rules suddenly worked as originally intended. The Problem solved itself.
Maybe this helps someone.