Redirect a range of IPs using RewriteCond

apache .htaccess mod-rewrite

xylar · Jul 25, 2012 · Viewed 46.1k times · Source

Currently I am redirecting all users except for the IP 12.345.678.90 using:

RewriteEngine On
RewriteCond %{REQUEST_URI} !/maintenance$
RewriteCond %{REMOTE_HOST} !^12\.345\.678\.90
RewriteRule $ /maintenance [R=302,L]

What syntax would I use to allow a range? In my Allow list I have:

Allow from 123.45.678.90/28

Would it work if I just update the REMOTE_HOST line to:

RewriteCond %{REMOTE_HOST} !^12\.345\.678\.90/28

Answer

If you're using Apache HTTPD 2.4 or later, you can use expressions to match REMOTE_ADDR against a CIDR mask.

The short form looks like this:

RewriteCond expr "-R '192.168.1.0/24'"

The following longer form is also available, but the documentation suggests it is less efficient:

RewriteCond expr "%{REMOTE_ADDR} -ipmatch '192.168.1.0/24'"

That makes the full solution to your example something like this:

RewriteEngine On
RewriteCond %{REQUEST_URI} !/maintenance$
RewriteCond expr "! -R '12.345.678.90/28'"
RewriteRule $ /maintenance [R=302,L]