2

I'm trying to filter all clients (using .htaccess) who try to access addresses containing for instance path=\ in the URL, but not those URL's that contain _wpnonce=1234567890.

The logic is: block all but those who also have the _wpnonce parameter.

The blocking, without testing if it contains the substring looks like this:

RewriteCond %{QUERY_STRING} (menu|mod|path|tag)\=\.?/? [NC,OR]

Is there a way to also include my substring negation there?

ruakh
  • 175,680
  • 26
  • 273
  • 307
conualfy
  • 657
  • 2
  • 9
  • 17

1 Answers1

1

The documentation says that the pattern is a Perl-compatible regular expression, so you should be able to use a negative lookahead assertion:

RewriteCond %{QUERY_STRING} ^(?!.*_wpnonce=1234567890).*(menu|mod|path|tag)\=\.?/? [NC,OR]

though it might be clearer to put it in a separate RewriteCond, provided you can get all the [OR]s to work out. If it weren't for the [OR]s, you could just write:

RewriteCond %{QUERY_STRING} !_wpnonce=1234567890 [NC]
RewriteCond %{QUERY_STRING} (menu|mod|path|tag)\=\.?/? [NC]
ruakh
  • 175,680
  • 26
  • 273
  • 307
  • I have used the second version and it works. As the list was longer (has more blocking lines) I had to put it first, otherwise it was ignoring the ones before it. There are other definitions after this, also. ` RewriteCond %{QUERY_STRING} !_wpnonce=[a-z0-9]{10} [NC] RewriteCond %{QUERY_STRING} (menu|mod|path|tag)\=\.?/? [NC,OR] ` – conualfy Feb 17 '12 at 02:35