Latest TweetsWordPress and the Blank Target Vulnerability (aka rel noopener + noreferrer): perishablepress.com/wordpress-… #WordPress #security #html
Perishable Press

Permanently Redirect a Specific IP Request for a Single Page via htaccess

Not the most interesting title, but “oh well”..

Recently, a reader named Alison left a comment requesting help with a particular htaccess trick. She wanted to know how to permanently redirect (301) all requests for a specific page when requested from a specific IP address. In other words, when a visitor coming from 123.456.789 requests the page requested-page.html, the visitor will be redirected to just-for-you.html. All visitors not coming from that specific IP address are not redirected, and thus will see the originally requested page. Further, the redirect must apply only to requested-page.html, such that every visitor — including the one coming from 123.456.789 — will be able to see all of the other pages. Here is the htaccess code to make it happen:

# permanently redirect specific IP request for single page
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} 123\.456\.789
RewriteCond %{REQUEST_URI} /requested-page\.html$
RewriteRule .* /just-for-you.html [R=301,L]

To use this redirect, simply edit the IP address, requested page, and redirect page. Copy and paste the code into your htaccess file and upload to your server. Test the 301 redirect via proxy and that’s it. Relax and enjoy!

Jeff Starr
About the Author Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
Archives
83 responses
  1. Shouldn’t that last line be:

    RewriteRule .* /just-for-you.html [R=301,L]

    302 is a temporary re-direct. 301 is permanent.

  2. Jeff Starr

    Man, today is just not my day!
    Anyway, you are absolutely correct..
    I meant 301, said 301, and have no idea why I wrote 302 in the code (could be all the pain meds?).. either way, thank you for catching the error. The code now reads correctly (i think)..

  3. Hey dude this is great, but if I wanted to block an IP range, say:

    214.53.25.64 – 214.53.25.128

    how would it be written?

  4. Jeff Starr

    Snook,

    There are several ways to block a specific IP range.

    The first utilizes a CIDR number to block the specified range (via htaccess):

    # block IP range by CIDR number
    <Limit GET POST PUT>
     order allow,deny
     allow from all
     deny from 214.53.25.64/26
    </Limit>

    The second method is similar, only here we are expressing the range in netmask notation, using corresponding network/netmask values:

    # block an IP range via network/netmask values
    <Limit GET POST PUT>
     order allow,deny
     allow from all
     deny from 214.53.25.64/255.255.255.192
    </Limit>

    The third method tests all IP addresses against a predefined regular expression via RewriteCond/RewriteRule directives:

    RewriteEngine On
    RewriteCond %{REMOTE_ADDR} ^214.53.25.(6[4-9]|7[0-9]|8[0-9]|9[0-9])$ [OR]
    RewriteCond %{REMOTE_ADDR} ^214.53.25.1([0-1][0-9]|2[0-8])$
    RewriteRule .* - [F]

    There is probably a more efficient way to write the regular expressions in the previous example, but that should definitely get the job done.

  5. A great little article Jeff; some people these days still try and use metas on occasion to generate redirects by htaccess is truely the way i should be done!

  6. Jeff Starr

    I agree completely, Mike — handling redirects as close to the server as possible is definitely the way to go!

  7. um… ip cloaking via .htaccess ?

  8. Jeff Starr

    Ah, good point there, Tony. Thanks.

  9. I wasn’t thinking about it until people start to ask how to do it for specific IPs, Can probably use this to send SE ip to a page and regular ip to another page, maybe further divide the regular ip into region for geo targetted cloaking.

    Pretty good info here and a lot of room to think about… thanks

  10. This post has just made my day! I was looking all over to find this piece of code.

    I have a questions though. Do I have to rewrite the “RewriteEngine On” and “RewriteBase /” everytime I want to block a different IP?

  11. Jeff Starr

    Thank you for the kind remarks, Lisa :) And, no, you do not need to rewrite the first two directives for each different IP that you would like to block. For example, this will work just fine for multiple IPs:

    # permanently redirect multiple IP requests for single page
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REMOTE_HOST} 123\.456\.789
    RewriteCond %{REMOTE_HOST} 456\.789\.123
    RewriteCond %{REMOTE_HOST} 789\.123\.456
    RewriteCond %{REQUEST_URI} /requested-page\.html$
    RewriteRule .* /just-for-you.html [R=301,L]

    You may add as many IPs as you like, however, keep in mind that there may be a better way to block numerous addresses via pattern matching, depending on your needs.

  12. how about redirecting for a specific ISP. im trying to give a certain annoying character on my site a message, he uses a certain ISP that none of my other uses use. In my log files he shows up as
    ##-###-##-###.dhcp.insightbb.com

    His ip is constantly changing and im talking about every octet, not just the last 2.

[ Comments are closed for this post ]