Limiting Apache methods on virtual hosts levels

Running a virtual host invironment might from time to time require different configurations for each host. Recently i was asked to disallow the POST method while whitelisting the method for a few IP numbers – someone must have abused some kind of formular on the homepage.

The limitation was achieved in the following way.

Inside the tags of:

<VirtualHost *:80>
 ...
</VirtualHost>

You should place the following code.

RewriteEngine on
RewriteCond %{THE_REQUEST} ^(POST)\ /.*\ HTTP/\d\.\d$
RewriteCond %{REMOTE_ADDR} !(x.x.x.x|y.y.y.y)
RewriteRule .* - [F]

Then restart Apache and the configuration will be loaded.

Explanations

  • Line 2: You can specify several methods inside the parentheses seperated by a pipe (|). For instance (POST|HEAD)
  • Line 3: Insert the desired IP adresses to be whitelisted, again seperated by a pipe (|).

NOTE

You will have to have the Apache rewrite module installed and enabled.

Available methods can be found under Apache docs.

Leave a Reply +

Skriv et svar