.htaccess -ipmatch Issue/Question

P

psamathe.net

New Member
#1
#1
I'm trying to redirect all users from specific IP ranges to a specific page. Using RewriteCond/Rulke with -ipmatch but it seems to be matching any IP address, those within the CIDR and those way outside the CIDR

In .htaccess
Code: 
<IfModule mod_rewrite.c>
RewriteCond expr "%{REMOTE_ADDR} -ipmatch '86.128.0.0/12'"
RewriteRule .* https://psamathe.net/error_pages/specialpage.html [L]
</IfModule>
ie it always follows the specialpage.html whatever IP address uswer connecting from (browser).

Server using LiteSpeed Web Server version 6.3.2 (as I note that there were some issues with expr -ipmatch fixed in 6.3.1).

Also tried using the -R method but same redult. Am I doing something daft wrong?
Thanks
Ian
 
abk

abk

Administrator
Staff member
#2
#2
I tested your rule on my test environment running on LSWS 6.3.2 build 4 and changed only the IP:
Code: 
<IfModule mod_rewrite.c>
RewriteCond expr "%{REMOTE_ADDR} -ipmatch 'PLACED.MY.IPv4.HERE'"
RewriteRule .* https://psamathe.net/error_pages/specialpage.html [L]
</IfModule>
and got redirected to your specialpage.html on my desktop, but on my other (mobile 5G) connection with a different IP I was not redirected to specialpage.html
 
P

psamathe.net

New Member
#3
#3
abk said:
I tested your rule on my test environment running on LSWS 6.3.2 build 4 and changed only the IP:
Code: 
<IfModule mod_rewrite.c>
RewriteCond expr "%{REMOTE_ADDR} -ipmatch 'PLACED.MY.IPv4.HERE'"
RewriteRule .* https://psamathe.net/error_pages/specialpage.html [L]
</IfModule>
and got redirected to your specialpage.html on my desktop, but on my other (mobile 5G) connection with a different IP I was not redirected to specialpage.html
Click to expand...
Many thanks.

Been doing lots more testing and maybe the issue is with processing the CIDR IP range

Step 1: If my IP is 86.133.146.1 then using CIDR 86.128.0.0/12 in the rule blocks (as expected).
Step 2: Change my IP to 89.201.202.203 and it still blocks - though IP outside netmask range.
Step 3: Change the CIDR in the netmask to 186.128.0.0/12 and it stops blocking (as expected).
Suggests to me might be CIDR calculation not working correctly?

BUT
Suggesting CIDR IP Range calculation issues
My IP: 86.133.146.87 with rule RewriteCond expr "%{REMOTE_ADDR} -ipmatch '86.128.0.0/12'" blocks as expected
But IP: 89.238.174.6 with rule RewriteCond expr "%{REMOTE_ADDR} -ipmatch '86.128.0.0/12'" blocks when it shouldn't
But change CIDR IP Range to /24 ie IP: 89.238.174.6 with rule RewriteCond expr "%{REMOTE_ADDR} -ipmatch '86.128.0.0/24'" it doesn't block (correctly)

Ian
 
Last edited:
You must log in or register to reply here.
Top