3

I have a page that is prone to attacks, so, in order to reduce the anonymous attacks, I use this code in my .htaccess which I found online :

# BLOCK PROXY VISITS
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{HTTP:VIA}                 !^$ [OR]
 RewriteCond %{HTTP:FORWARDED}           !^$ [OR]
 RewriteCond %{HTTP:USERAGENT_VIA}       !^$ [OR]
 RewriteCond %{HTTP:X_FORWARDED_FOR}     !^$ [OR]
 RewriteCond %{HTTP:PROXY_CONNECTION}    !^$ [OR]
 RewriteCond %{HTTP:XPROXY_CONNECTION}   !^$ [OR]
 RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
 RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
 RewriteRule .* - [F]
</IfModule>

My problem is that one advertiser uses proxies inside his company and thus cannot visit my page. I have no idea on regular expressions, even though I think i can recognize one when I see it, as in "oh, look a regex". I think the conditions above are regexes, but I do not have the knowledge to alter them in a way, that only the proxy visits from this specific static IP are not banned.

How do I achieve that if possible? Thank you in advance!

1 Answers1

2

In the line right below RewriteEngine on, add these rules:

RewriteCond %{REMOTE_ADDR} ^12\.34\.56\.78$ 
RewriteRUle ^ - [L]

This will allow a remote IP connection from 12.34.56.78 to pass through without being subjected to the proxy checks (which should come afterwards).

Jon Lin
  • 1,353
  • 9
  • 21
  • your code doesnt block proxies! I have private proxies and try to do that and it not block. –  Jun 23 '16 at 07:41
  • Actually, it blocks anonymous proxies quite well, but elite proxies are able to get past those settings. – whitebeard May 21 '17 at 20:41