Blocking Access to mt-tb.cgi via Apache Conf File Rewrite Conditions
Posted October 19th, 2006 @ 03:27pm by Erik J. Barzeski
Since SixAapart is dog slow at fixing problems and adding features to MovableType, I've spent a little while today trying to implement my own mt-tb.cgi whitelist. It goes a little something like this:
RewriteCond %{REMOTE_ADDR} !^127.0.0.1$
RewriteCond %{REMOTE_ADDR} !^64.226.43.134$
RewriteRule ^/cgi-bin/mt-tb.cgi - [F]
Unfortunately, that doesn't work. Even the last line, alone, fails to work. I've put these lines inside the <VirtualHost> (but outside of any <Directory>s) block in my vhosts.conf file (thesandtrap.com is the only vhost on this server).
Does anyone have any ideas how I might get this to work? My thinking is that, by blocking access immediately to the script to anyone but a small, pre-approved list of IPs, I might ease the server load and let mt-tb.cgi work as it should for me. Currently, I rename the script every time I want to send a TrackBack from another article on the site, then rename it back when it's done.
Donate Life
Posted 19 Oct 2006 at 3:46pm #
I've resolved the issue. I had to remove an earlier RewriteBase and the Rule now looks like "mt-tb.cgi - [F]" without the path info.