: Using mod_rewrite to check for existence of a cookie I have an 'internal' website at my company that i'd like to allow outside access to via a reverse proxy with an Apache Server. The wrinkle

I have an 'internal' website at my company that i'd like to allow outside access to via a reverse proxy with an Apache Server.

The wrinkle here is that I only want particular Mobile Users accessing this reverse proxy.

I've created a very generic mobile app that will ALWAYS pass a cookie like MOBILEUSER=TRUE.

Is it possible to write a mod_rewrite rule to check for the existence of that cookie and ONLY allow requests with that cookie and value through?

thanks for any help!!

10.01% popularity Vote Up Vote Down

: How to add the tag name in the post title? consider question asked by the person in stackoverflow is like Preferred/idiomatic way to insert into a map When i search the above question

@Harper822

Posted in: #Blogger #Seo

1 Comments

: Is meta name="verify-v1" essentially google webmaters verification meta? If a website uses meta name="verify-v1" within the head, does this mean they are using Google Webmaster tools? and is it

@Harper822

Posted in: #GoogleSearchConsole #MetaTags

1 Comments

: My website can no longer send email and I didn't even change the code After receiving reports from my website assistant that he was unable to receive email resulting from a user performing

@Harper822

Posted in: #Dkim #Email #Spf

0 Comments

: SEO issues after HTTPS switch relating to shared IP and SSL (SNI) I'm having some trouble getting my site to appear in search rankings. I ran into the problem when I switched my domain over

@Harper822

Posted in: #Google #Ranking #Seo

0 Comments

Login to post a comment!

1 Comments

Sorted by latest first Latest Oldest Best

@Ann8826881

You can return a "403 Forbidden" if the cookie is not set with something like the following:

RewriteEngine On
RewriteCond %{HTTP_COOKIE} !bMOBILEUSER=TRUEb
RewriteRule ^ - [F]

The ! before the CondPattern simply negates the pattern. b is word boundary, so it will only match that exact name/value pair, anywhere in the cookie.

A single ^ (start of string anchor) for the RewriteRule pattern matches everything. A single - (hyphen) for the substitution doesn't do anything, the URL is not rewritten (but the substitution is ignored anyway when using the F flag). And the F flag results in a 403 being served (this also implies an L flag - so processing stops).

Obviously, unless you are using SSL then the cookie can be sniffed.

10% popularity Vote Up Vote Down

Feed

: Using mod_rewrite to check for existence of a cookie I have an 'internal' website at my company that i'd like to allow outside access to via a reverse proxy with an Apache Server. The wrinkle

More posts by @Harper822

: How to add the tag name in the post title? consider question asked by the person in stackoverflow is like Preferred/idiomatic way to insert into a map When i search the above question

: Is meta name="verify-v1" essentially google webmaters verification meta? If a website uses meta name="verify-v1" within the head, does this mean they are using Google Webmaster tools? and is it

: My website can no longer send email and I didn't even change the code After receiving reports from my website assistant that he was unable to receive email resulting from a user performing

: SEO issues after HTTPS switch relating to shared IP and SSL (SNI) I'm having some trouble getting my site to appear in search rankings. I ran into the problem when I switched my domain over

Login to post a comment!

1 Comments

Back to top | Use Dark Theme