Conditionally whitelist IP's in Apache using presence or absence of files

Question

I found a pretty good solution to this problem but it is missing one component that I need. This is close:

# WHITELIST IPS #
RewriteMap ipslist txt:/path/to/whitelist.txt
RewriteCond %{REMOTE_ADDR} ^(.*)$
RewriteCond ${ipslist:%1|black} ^black$ [NC]
RewriteRule (.*) - [F]

MOST of the time I want to limit access to the site, but there will be times when I want many (beta testers) to have access. At that point, it will be easiest just to let anyone access the site during the test. So what I would really like to do is to make the whitelist apply conditionally. IF the whitelist.txt file is present, limit the access. But if there is no file, then let anyone access the site. Or, find some other approach.

I have searched for something similar but what I have above is as close as I can get. Can I use *.*.*.* in the whitelist.txt to allow ALL IP's when I need to? Or is there some better way to "turn on and turn off" the IP restriction logic?

score 0 · Answer 1 · answered Nov 02 '16 at 23:04

Have you considered using a flag file as a condition instead of the file of ip addresses?

Something like:

# WHITELIST IPS #
RewriteMap ipslist txt:/path/to/whitelist.txt
RewriteCond /path/to/flag_enabled_feature_file -f
RewriteCond %{REMOTE_ADDR} ^(.*)$
RewriteCond ${ipslist:%1|black} ^black$ [NC]
RewriteRule (.*) - [F]

Conditionally whitelist IP's in Apache using presence or absence of files

1 Answers1