Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

rewrite rule for apache
From: bituman <bituman () enerla net>
Date: Thu, 31 Aug 2006 15:22:31 +0200
I want to protect a directory, better to say its contents from people downloading it, if the are not coming from a specified page. 
Now, i understand, that the following code redirect *vicodin.* to a standard error page.

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^(http://)?(www\.)?.*(-|.)vicodin(-|.).*$ [NC,OR]
< ...lots of other rules go here...>
RewriteRule .* - [F,L]

What rewrite rules should i use if i want users from index.php?option=login to access the content and everyone else to 
redirected to the standard error page?
Is it even possible to use get style params in the referer field?

Thank you in advance
bituman

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]