[SOLVED] Wildcard in a Require expr in Apache

Wildcard in a Require expr in Apache

I'm trying to set up a Require expression in my Apache config to forbid users from accessing any file in a directory except specific types of files.

When accessed over the internet, everything else should give a 403 except to a few specific IP addresses where it should allow to be loaded.

For instance:

https://www.mywebsite.com/stats/ --> SHOULD 403 for restricted users
https://www.mywebsite.com/stats/stats.php --> SHOULD NOT 403
https://www.mywebsite.com/stats/stats.js --> SHOULD NOT 403
https://www.mywebsite.com/stats/js/container_ABCDEFG.js --> SHOULD NOT 403

Currently in my Apache Config, this is managed for stats.php like so:

<RequireAny>
        Require expr "%{REQUEST_URI} in { '/stats/stats.php', '/stats/stats.js' }"
        Include conf/restrict.conf
</RequireAny>

Now I'm trying to add the rule for stats/js/container_ABCDEFG.js but I can't figure out. I haven't been able to find helpful info on Google, because it isn't exactly easy to search specifically what I'm looking for.

ABCDEFG is randomly generated so it could change at any time, so I'd like a wildcard expression that can match any stats/js/container_*.js file.

I tried the following (not all at the same time -- one by one):

Require expr "%{REQUEST_URI} in { '/stats/stats.php', '/stats/stats.js', '/stats/js/container_*.js'}"
Require expr "%{REQUEST_URI} in { '/stats/stats.php', '/stats/stats.js', '/stats/js/container_(.*).js'}"
Require expr "%{REQUEST_URI} in { '/stats/stats.php', '/stats/stats.js', '/stats/js/#'}"
Require expr "%{REQUEST_URI} in { '/stats/stats.php', '/stats/stats.js', '/stats/js/*'}"
Require expr "%{REQUEST_URI} in { '/stats/stats.php', '/stats/stats.js', '/stats/js/%'}"
Require expr "%{REQUEST_URI} in { '/stats/stats.php', '/stats/stats.js', '/stats/js/'}"

However, none of them worked, i still get a 403 when I access the file in my browser. Only specifying the filename directly worked, but if the filename changes I'll have to edit my config, so that's not good enough.

What am I missing here? What's the wildcard character?

Solution

As per CBROe's comment, indeed it is impossible to use a wildcard in an expression using the in operator.

Therefore it was necessary to translate into multiple regexes:

Require expr "%{REQUEST_URI} =~ m#/stats/stats.php#"
Require expr "%{REQUEST_URI} =~ m#/stats/stats.js#"
Require expr "%{REQUEST_URI} =~ m#/stats/js/container(.*)#"

and now it works