Block a URL and its sub URL using Htaccess

.htaccess

I have a URL http://example.com/web/en/press-release/. How can I block all users access and viewing that page and http://localhost:10004/web/en/press-release/* using .htaccess?

I want them only accessible from specific IPs.

I did like this but not working.

# Press Release Blocked Now
RewriteCond %{HTTP_REFERER} web/en/press-release/ [NC,OR]
RewriteRule .* - [F]

If you must use .htaccess files you should know their limitations:

.htaccess files (or "distributed configuration files") provide a way to make configuration changes on a per-directory basis. A file, containing one or more configuration directives, is placed in a particular document directory, and the directives apply to that directory, and all subdirectories thereof.

This means you control the settings on filesystem containers rather than webspace containers, and the configuration by default applies to all subdirectories. Therefore, to achieve your goal you must place the .htaccess file to the file system path corresponding with the URL path /web/en/press-release/.

If the /web/en/press-release/ on both localhost:10004 and example.com refers to the same directory and both are served directly from the filesystem using Apache (i.e. it is not a reverse proxy), the filesystem context is a good choice. From Configuration Sections: What to use When:

Choosing between filesystem containers and webspace containers is actually quite easy. When applying directives to objects that reside in the filesystem always use <Directory> or <Files>. When applying directives to objects that do not reside in the filesystem (such as a webpage generated from a database), use <Location>.

It is important to never use <Location> when trying to restrict access to objects in the filesystem. This is because many different webspace locations (URLs) could map to the same filesystem location, allowing your restrictions to be circumvented.

Instead of using mod_rewrite to control access, Apache has direct Access Control directives. Using them is more straightforward and makes your configuration easier to read and manage. The Require Directive from mod_authz_core has ip:

Require ip 192.0.2.100
Require ip 198.51.100.0/24
Require ip 2001:DB8:C0F:FEE::/64

Related

Best practices for pagefile on an Exchange server with a large amount of RAM?
NFS export an overlay of ext4 and btrfs
Unexpected entries in authorized_keys - is my server compromised?
How to set Openssh and Mit kerberos (from windows to linux server)?
Broadcom NIC stays down in iPXE
Javamail using Exchange as relay
How can I add a trailing slash to a virtual host?
command line utility for linux to decode SCSI CDB
Is it possible to host one TXT record for a domain on a different server, and leave all of the other DNS information intact on the first server?
How to understand the "A subnet Example"?
How to upgrade an Android project to Java 11
Get higher granularity for a list while setting 0 to the corresponding element in the other list for each new point