Returning a 404 page when a folder is accessed from one domain, but allowing access from other domains and IP addresses

Posted by okw on Server Fault See other posts from Server Fault or by okw
Published on 2011-02-12T21:54:43Z Indexed on 2011/02/12 23:27 UTC
Read the original article Hit count: 440

Filed under:
|
|
|
|

Situation:

  • I want to return a 404 page ("404.php") when a folder ("hidden") is accessed from the example.com domain.
  • I want the same folder to be accessible from a subdomain ("hidden.example.com") or from a different domain ("hidden.com") which are both configured in a single VirtualHost entry.
  • The server has multiple IP addresses that it listens on. Each IP address serves identical content from the example.com domain (sharing a VirtualHost entry.) I want the folder to be accessible from the IP address.
  • The server is configured to use SSL/TLS/HTTPS. HTTPS is optional on example.com, but HTTPS is enforced in the .htaccess file for the hidden folder using a rewrite rule shown below.

/www/hidden/.htaccess

RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

I know that {SERVER_ADDR} gives the server's IP address, but does it return the one that the client is requesting from?

I'm also starting to think that something in the VirtualHosts file would be more appropriate. Any thoughts on this?

What should be allowed:

http://87.65.43.21/hidden/
https://87.65.43.21/hidden/
http://12.34.56.78/hidden/
https://12.34.56.78/hidden/
http://hidden.example.com/
https://hidden.example.com/
http://hidden.com/
https://hidden.com/
http://www.hidden.com/
https://www.hidden.com/

What should be 404-ed with 404.php

http://example.com/hidden/
https://example.com/hidden/
http://www.example.com/hidden/
https://www.example.com/hidden/
http://example.com/hidden/hiddenfile.php
https://example.com/hidden/hiddenfile.php
etc.

Thanks.

© Server Fault or respective owner

Related posts about apache

Related posts about apache2