I have a folder "my_files" on my server (Apache 2.4.29 Ubuntu) that holds files with the client id as filename. Example: my_files/92.4.56.125
Now just clients with matching ip address should be allowed to download the corresponding file.
In appache2/sites-available/mydomaim.conf I added following lines:
SetEnvIf Request_URI "92.4.56.125" + "$" owner_requesting
<Directory /home/server/my_files>
Require env owner_requesting
</Directory>
This works perfect. But the ip is still hardcoded. What I need, is the client ip at request time. But I cannot figure out, how to use Remote_Addr.
The following does not work:
SetEnvIf Remote_Addr "(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$" IPSTR=$1
SetEnvIf Request_URI IPSTR + "$" owner_requesting
<Directory /home/server/x3d_files>
Require env owner_requesting
</Directory>
I checked IPSTR by passing it to header and it returned the correct IP.
Maybe SetEnvIf Request_URI is processed earlier, when SetEnvIf Remote_Addr ist not yet evaluated?
Any Idea?
Ok, setting an ENV via mod-rewrite and combining variable in condition do the trick
RewriteEngine on
RewriteCond %{REMOTE_ADDR}#$1 ^([^#]+)#\1$
RewriteRule (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$ - [E=owner_requesting:%{REMOTE_ADDR}]
<Directory /home/server/x3d_files>
Require env owner_requesting
</Directory>
Short explanation:
In RewriteCond %{REMOTE_ADDR} is combined with the first match $1 from RewriteRule (actually %{REQUREST_URI} (\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3})$). Delimter is #. The ^([^#]+) matches %{REMOTE_ADDR} and is back referenced using /1. \1$ is then matched against $1. In words, if Request_URL is ending with an IP and the IP is the client IP, then RewriteCond is true.
Lastly set ENV with -
[E=owner_requesting:%{Abitrary}]