On Tue, Apr 11, 2023 at 9:29 AM Dave Wreski <dwre...@guardiandigital.com.invalid> wrote: > > Hi, > > On 4/10/23 11:48 PM, Tatsuki Makino wrote: > > Dave Wreski wrote on 2023/04/11 10:54: > > SetEnvIf user-agent "(?i:TurnitinBot)" stayout=1 > SetEnvIf Request_URI "^linuxsecurity_features\.*$" !stayout > > I have done it in the past, too. > It was like allowing another level of conditions to be attached to Allow and > Deny, depending on the condition that defines the variable and the condition > that undefines the variable, right? :) > This is no longer needed, so change the name to something that makes sense. > > Yes, the "deny" was removed long ago. That is not the problem now. I also > previously neglected to post the "<IfModule !mod_authz_core.c>" qualifier > around the "deny from env=stayout" which would only load it for apache-2.2 > systems. > > SetEnvIf user-agent "(?i:TurnitinBot)" SOMENAME1 > SetEnvIf Request_URI "^linuxsecurity_features\.*$" SOMENAME2 > > And let it meet all the requirements. > > <RequireAll> > Require all granted > Require not env SOMENAME1 > Require env SOMENAME2 > </RequireAll> > > This had the effect of blocking elements on every page (and the page itself, > I think) on the site with 403s and "AH01630: client denied by server > configuration:" entries in the error log. > > Is it possible there's something else going on here? > > SetEnvIf Request_URI "^linuxsecurity_features\.*$" rssfeeds
Can't anchor to ^. Unlike rewrite in htaccess, this will always compare against the actual requested URL. Not the weird remainder of the URL. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
