I need a HTACCESS pro ! (I pay with paypal) - GoFuckYourself.com

CHMOD · 08-08-2010, 09:41 AM

I need a 15 min job done. I pay 50$ with Paypal.
I don't use epassporte. Always worked like shit and no customer service.

What you need to know :

1 - My members section is protected with http authentification. I use htaccess.

Here is what I need :

I have a flat file of banned usernames located in this directory :

/www/path/website/ban.dat

In my htaccess file, after the authentication, I need a conditional mod rewrite to look in the ban.dat file... If the username is in the ban.dat file, I need then the user to get redirected here : http://www.domain_name.com/ban.htm?{username}

If possible, when the user authenticate, I would prefefer to use my own login page instead of the default pop up window. I want to use strictly http authentication. No cookies.

You can reach me here : [email protected]

pythonx · 08-08-2010, 09:44 AM

15 min job? You could have done it by the time you typed this post.

V_RocKs · 08-08-2010, 09:48 AM

Would make much more sense then to redirect them through your login page which I assume will be in PHP or ASP.

V_RocKs · 08-08-2010, 09:49 AM

BTW, I just used customer service with Epassporte and I have to say, they have definitely been doing a much better job as of late!

borked · 08-08-2010, 12:36 PM

Add this to the header file after autnetication

Code:

if ( isset( $_SERVER['PHP_AUTH_USER'] ) ) {
  $banned_users = file( '/www/path/website/ban.dat' );
  if ( is_array($banned_users) ) {
    foreach ($banned_users as $user) {
      if ( $user == $_SERVER['PHP_AUTH_USER'] ) {
         header( "Location: http://www.domain_name.com/ban.htm?" . $_SERVER['PHP_AUTH_USER'] );
      }
  }
}

CHMOD · 08-08-2010, 01:17 PM

Quote:

Originally Posted by borked

Add this to the header file after autnetication

Code:

if ( isset( $_SERVER['PHP_AUTH_USER'] ) ) {
  $banned_users = file( '/www/path/website/ban.dat' );
  if ( is_array($banned_users) ) {
    foreach ($banned_users as $user) {
      if ( $user == $_SERVER['PHP_AUTH_USER'] ) {
         header( "Location: http://www.domain_name.com/ban.htm?" . $_SERVER['PHP_AUTH_USER'] );
      }
  }
}

Thanks for the hint !

But I can allready write in PHP.
For some reasons, I need it absolutely in a htaccess file.

Varius · 08-08-2010, 01:36 PM

You can redirect on specific usernames in htaccess by hard-coding rules for them, but I don't believe htaccess would have a way to read them from a file for this purpose.

TisMe · 08-08-2010, 07:33 PM

I've always gone to Ray, creator of Strongbox for help with htaccess stuff.

You can email him at: support AT bettercgi DOT com

borked · 08-08-2010, 11:20 PM

Varius is correct - htaccess cannot prepend/append files, so your only way is to prepend the htaccess file with the list of banned users as this format:

setenvif remote_user "username1" banned
setenvif remote_user "username2" banned

so that in htaccess, you have something like this:

Code:

##BANNED USERS##
setenvif remote_user "username1" banned
setenvif remote_user "username2" banned

AuthName 'My Protected Area'
AuthType Basic
AuthUserFile /home/var/etc/.htpasswd (or authmysql if you're using that)


<Files *>
deny from env=banned
</Files>

if you add the
##BANNED USERS##
line, you can have a script automatically update your htaccess by replacing

##BANNED USERS##

with
##BANNED USERS##
setenvif remote_user "username3" banned

that should take care of things

borked · 08-08-2010, 11:23 PM

see http://www.htaccesselite.com/setenvi...les-vt141.html

darksoul · 08-09-2010, 12:15 AM

I guess you're looking for RewriteMap
but this can only be used in server config and virtual host directives
basically you'd need access to the apache config file.

CHMOD · 08-09-2010, 02:08 AM

Quote:

Originally Posted by borked

Varius is correct - htaccess cannot prepend/append files, so your only way is to prepend the htaccess file with the list of banned users as this format:

setenvif remote_user "username1" banned
setenvif remote_user "username2" banned

so that in htaccess, you have something like this:

Code:

##BANNED USERS##
setenvif remote_user "username1" banned
setenvif remote_user "username2" banned

AuthName 'My Protected Area'
AuthType Basic
AuthUserFile /home/var/etc/.htpasswd (or authmysql if you're using that)


<Files *>
deny from env=banned
</Files>

if you add the
##BANNED USERS##
line, you can have a script automatically update your htaccess by replacing

##BANNED USERS##

with
##BANNED USERS##
setenvif remote_user "username3" banned

that should take care of things

Ultimatly, I could use this solution...
I'll try to see if it work !

But I would still prefer to have the banned names in an external flat file.

CHMOD · 08-09-2010, 02:09 AM

Quote:

Originally Posted by darksoul

I guess you're looking for RewriteMap
but this can only be used in server config and virtual host directives
basically you'd need access to the apache config file.

Yes I have found this solution too...

But I really need this to be coded in the htaccess file.
And not in apache itself.

raymor · 08-09-2010, 07:38 AM

[QUOTE=CHMOD;17400259]
If possible, when the user authenticate, I would prefefer to use my own login page instead of the default pop up window. I want to use strictly http authentication./QUOTE]

Those are two opposite statements, so both can not be true. I noticed a few other significant
misunderstandings in your posts, so you might consider using a professionally designed
and very well tested system rather than trying to design this yourself.

08-08-2010, 09:41 AM	#1
CHMOD Confirmed User Join Date: Jun 2003 Posts: 1,697	I need a HTACCESS pro ! (I pay with paypal) I need a 15 min job done. I pay 50$ with Paypal. I don't use epassporte. Always worked like shit and no customer service. What you need to know : 1 - My members section is protected with http authentification. I use htaccess. Here is what I need : I have a flat file of banned usernames located in this directory : /www/path/website/ban.dat In my htaccess file, after the authentication, I need a conditional mod rewrite to look in the ban.dat file... If the username is in the ban.dat file, I need then the user to get redirected here : http://www.domain_name.com/ban.htm?{username} If possible, when the user authenticate, I would prefefer to use my own login page instead of the default pop up window. I want to use strictly http authentication. No cookies. You can reach me here : [email protected]

08-08-2010, 12:36 PM	#5
borked Totally Borked Industry Role: Join Date: Feb 2005 Posts: 6,284	Add this to the header file after autnetication Code: if ( isset( $_SERVER['PHP_AUTH_USER'] ) ) { $banned_users = file( '/www/path/website/ban.dat' ); if ( is_array($banned_users) ) { foreach ($banned_users as $user) { if ( $user == $_SERVER['PHP_AUTH_USER'] ) { header( "Location: http://www.domain_name.com/ban.htm?" . $_SERVER['PHP_AUTH_USER'] ); } } } __________________ For coding work - hit me up on andy // borkedcoder // com (consider figuring out the email as test #1) All models are wrong, but some are useful. George E.P. Box. p202

08-08-2010, 01:36 PM	#7
Varius Confirmed User Industry Role: Join Date: Jun 2004 Location: New York, NY Posts: 6,890	You can redirect on specific usernames in htaccess by hard-coding rules for them, but I don't believe htaccess would have a way to read them from a file for this purpose. __________________ Skype variuscr - Email varius AT gmail

08-08-2010, 11:20 PM	#9
borked Totally Borked Industry Role: Join Date: Feb 2005 Posts: 6,284	Varius is correct - htaccess cannot prepend/append files, so your only way is to prepend the htaccess file with the list of banned users as this format: setenvif remote_user "username1" banned setenvif remote_user "username2" banned so that in htaccess, you have something like this: Code: ##BANNED USERS## setenvif remote_user "username1" banned setenvif remote_user "username2" banned AuthName 'My Protected Area' AuthType Basic AuthUserFile /home/var/etc/.htpasswd (or authmysql if you're using that) <Files > deny from env=banned </Files> if you add the ##BANNED USERS## line, you can have a script automatically update your htaccess by replacing ##BANNED USERS## with ##BANNED USERS## setenvif remote_user "username3" banned that should take care of things __________________ For coding work - hit me up on andy // borkedcoder // com (consider figuring out the email as test #1) All models are wrong, but some are useful.* George E.P. Box. p202

08-08-2010, 11:23 PM	#10
borked Totally Borked Industry Role: Join Date: Feb 2005 Posts: 6,284	see http://www.htaccesselite.com/setenvi...les-vt141.html __________________ For coding work - hit me up on andy // borkedcoder // com (consider figuring out the email as test #1) All models are wrong, but some are useful. George E.P. Box. p202

08-08-2010, 09:44 AM	#2
pythonx Confirmed User Join Date: Aug 2004 Posts: 430	15 min job? You could have done it by the time you typed this post.

08-08-2010, 09:48 AM	#3
V_RocKs Damn Right I Kiss Ass! Industry Role: Join Date: Dec 2003 Location: Cowtown, USA Posts: 32,397	Would make much more sense then to redirect them through your login page which I assume will be in PHP or ASP.

08-08-2010, 09:49 AM	#4
V_RocKs Damn Right I Kiss Ass! Industry Role: Join Date: Dec 2003 Location: Cowtown, USA Posts: 32,397	BTW, I just used customer service with Epassporte and I have to say, they have definitely been doing a much better job as of late!

08-08-2010, 07:33 PM	#8
TisMe Confirmed User Join Date: Aug 2008 Posts: 1,719	I've always gone to Ray, creator of Strongbox for help with htaccess stuff. You can email him at: support AT bettercgi DOT com

08-09-2010, 12:15 AM	#11
darksoul Confirmed User Join Date: Apr 2002 Location: /root/ Posts: 4,997	I guess you're looking for RewriteMap but this can only be used in server config and virtual host directives basically you'd need access to the apache config file. __________________ 1337 5y54\|)m1n: 157717888 BM-2cUBw4B2fgiYAfjkE7JvWaJMiUXD96n9tN Cambooth

08-09-2010, 07:38 AM	#14
raymor Confirmed User Join Date: Oct 2002 Posts: 3,745	[QUOTE=CHMOD;17400259] If possible, when the user authenticate, I would prefefer to use my own login page instead of the default pop up window. I want to use strictly http authentication./QUOTE] Those are two opposite statements, so both can not be true. I noticed a few other significant misunderstandings in your posts, so you might consider using a professionally designed and very well tested system rather than trying to design this yourself. __________________ For historical display only. This information is not current: support@bettercgi.com ICQ 7208627 Strongbox - The next generation in site security Throttlebox - The next generation in bandwidth control Clonebox - Backup and disaster recovery on steroids