GEOIP based rewrite stopped working

Discussion in 'General' started by poirot, Jun 8, 2013.

  1. poirot

    poirot New Member

    Hi,

    We have something like this in every homedir:

    Code:
    cat /home/test/.htaccess 
    #
    RewriteEngine On
    RewriteCond %{ENV:GEOIP_COUNTRY_CODE} (XX|YY|ZZ) [NC]
    RewriteRule (.*) - [F]
    
    I don't now after which LSWS update, but the code above stopped working.
    Any chance for repairing that ?

    GEOIP module is working and accurate.
    We do also log GEOIP CC within ones logs
    and I see requests from IPs marked as coming from CC XX/YY/ZZ passing with code 200 although they should be denied.
  2. NiteWave

    NiteWave Administrator

    you mean above rewriterules not work for latest lsws 4.2.3, but works for 4.2.2 (or before)?
  3. poirot

    poirot New Member

    Yap. That's exactly what I wanted to say, but frankly I cannot predict now
    during which LSWS version upgrade this functionality was lost.
    On one server running till now with LSWS 4.2 everything is fine.
    On 4.2.3 it is not. If it's working on 4.2.1 or 4.2.2 I can't say.
    I'd rather not to try any rollbacks without scheduling
    maintenace window during the night,
    but it may be done if you want me to do that...
  4. webizen

    webizen New Member

    pls enable rewrite logging in httpd.conf by adding following in the vhost section

    RewriteLogLevel 9

    Then do 'grep "REWRITE" /usr/local/apache/logs/error_log' to see if it is the case.
  5. poirot

    poirot New Member

    I did what you asked and it showed me nothing realted to that particular rewrite rule.

    AFAIR on DirectAdmin based servers LSWS was accepting rewrite rules only in two places:

    /home/username/.htaccess
    and
    /home/username/domains/domain.com/public_html/.htaccess

    Nowhere in between.

    AFAIS the case is that when user has his own rules in public_html,
    any other rewrite rules ( like the one above GEOIP based which we use ) placed in /home/username/.htaccess
    doesn't work - although you may still insert for ex. deny/allow rules there and they will be taken into consideration.
    Moving users .htaccess file outside public_html ( just for testing ) resolves this issue and this rewrite rule start beeing debuged ( and in fact triggered ) correctly by LSWS.
    Last edited: Jun 9, 2013
  6. webizen

    webizen New Member

    error log for DA is /var/log/httpd/error_log (was assuming you use cpanel).

    just add "RewriteLogLevel 9" to /usr/local/directadmin/data/users/test/httpd.conf (user's vhost httpd.conf) to rewrite debugging.
  7. poirot

    poirot New Member

    I did that.
    Rewrite debug showed up in /var/log/httpd/domain/domain.com.error.log.
    The case is that if there are any rewrite rules placed by the user in
    /home/username/domains/domain.com/public_html/.htaccess,
    our rules placed in /home/username/.htaccess are not beeing taken into consideration and therefore nod debuged at all.
  8. webizen

    webizen New Member

    thanks for the clarification. that's correct. rules in /home/username/.htaccess has no effect.
  9. poirot

    poirot New Member

    you mean "ok - we'll fix it" or "yes - we wanted it to be that way" ?
  10. webizen

    webizen New Member

    pls pm the temp root access so we can further investigate it.
  11. poirot

    poirot New Member

    Ok. I'll find a machine we may give you access to.
    Please PM me your SSH public key and IP you are going to login from.
  12. webizen

    webizen New Member

    it is sent in pm.

Share This Page