当有两个 ip 时，使用 X-Forwarded-For 阻止 htaccess 中的访问

我正在尝试在htaccess中使用规则进行阻止，如下所示：

Order Deny, Allow
Deny from all
SetEnvIf X-Forwarded-For "^ 173  .245 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 103  .21 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 103  .22 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 103  .31 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 141  .101 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 108  .162 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 190  .93 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 188  .114 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 197  .234 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 198  .41 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 162  .158 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 104  .16 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 172  .64 ." AllowAccess
SetEnvIf X-Forwarded-For "^ 131  .0 ." AllowAccess
Allow from env = AllowAccess

但这对我不起作用，因为我总是被拒绝权限，当我发出请求时，服务器会返回以下信息：

varnish-request bal-7361 {"time": "[Jun / 25/2020: 23: 14: 52 +0000]", "status": "403", "bytes": "17", "method": " GET "," host ":" xxxx.com "," url ":" / "," query ":"? N = 62 "," referrer ":" - "," user_agent ":" Mozilla /5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 83.0.4103.116 Safari / 537.36 "," client_ip ":" 162.158.79.38 "," time_firstbyte ":" 0.004040 "," hitmiss ":" miss "," handling ":" miss "," forwarded_for ":" 201.246.98.193, 162.158.79.38 "," request_id ":" v-ace334b8-b739-11ea-a340-0285be1d8ea9 "," ah_log ": "", "ah_application_id": "", "ah_environment": "", "ah_trace_id": ""}

你能帮我吗？

您可以使用以下配置进行限制：

SetEnvIf X-Forwarded-For ^1.2.3.4 allowed

您应该使用mod_remoteip而不是手动构建 SetEnvIf 规则。请参阅链接以获取更多信息。

相关内容

最新更新

热门标签：