Is there a possible htaccess directive that can transparently forward request from index.php to index_internal.php if the request is coming from an internal ip range?
-
Something like this should do it (obviously change the IP address to match your network):
RewriteCond %{REMOTE_ADDR} ^192\.168\. RewriteRule index.php index_internal.phpIf you want an actual header then make it
RewriteRule index.php index_internal.php [L,R,QSA] -
RewriteEngine on RewriteCond %{REMOTE_ADDR} ^192\.168\.1\. [OR] RewriteCond %{REMOTE_ADDR} ^10\.15\. RewriteRule ^index\.php$ index_internal.php [R,NC,QSA,L]What this does:
start mod_rewrite engine (you may have that already)
if (client IP address starts with "192.168.1." [or]
client IP address starts with "10.15.")
and page name is index.php ([n]ot [c]ase sensitive), [r]edirect to index_internal.php, [q]uery [s]tring [a]ppend (i.e.
index.php?foo=barbecomesindex_internal.php?foo=bar), [l]eave processing.Modify as needed for IP address blocks.
-
ok here's my code (no redirect) based on wikipedia's private network list
RewriteEngine on RewriteCond %{REMOTE_ADDR} ^10\. [OR] RewriteCond %{REMOTE_ADDR} ^172\.[1-3]{1}\d{1}\. [OR] RewriteCond %{REMOTE_ADDR} ^192\.168\. RewriteRule ^index\.php index_internal.php [NC,QSA,L]Piskvor : Nice idea! Beware though: not all that's in private range must be necessarily inside your network - for example, I've seen configs where 10.1.255.255 was internal network and 10.4.255.255 was another, less trusted network via VPN. I'd allow only as much access as is necessary.ken : i only need to detect if my web application is accessed via public or internally just to set some constants especially redirection host for our single sign on app
0 comments:
Post a Comment