apache block URL by pattern

How to Block URL Pattern in Apache

Apache server allows you to restrict or block access to URLs, folder and subdomains in numerous ways. Sometimes you may need to block URL pattern in Apache web server. You can easily do this using .htaccess file on your website. In this article, we will look at how to block a particular URL pattern in Apache using regular expressions. You can modify these regular expressions as per your requirement to block URL patterns on your site.


How to Block URL Pattern in Apache

Here are the steps to block URL pattern in Apache.


1. Open .htaccess file

Open .htaccess in a text editor

$ sudo vi /var/www/html/.htaccess

Let us say you want to block add URLs beginning with /product/****/data then add the following lines to your .htaccess file.

RewriteEngine On 
RewriteCond %{REQUEST_URI} ^/product/[^/]+/data$ [NC] 
RewriteRule ^.*$ - [F,L]

Let us look at the above lines. In the first line, we enable mod_rewrite required to perform URL redirections. Next, we add RewriteCond that blocks URLs containing /product at its beginning and /data at its end. We have used [^/]+ regular expression to cover all URL strings in between /product and /data. You can modify the regular expression as per your requirement.

Finally, we use F flag in RewriteRule to return a 403 Access Forbidden response.

Now when a client or bot requests a URL such as /product/test/data they will get 403 Access Forbidden message.

If you want to redirect to 404 page not found error on requesting the above URL, you may modify the above RewriteRule as shown below.

RewriteRule ^.*$ - [R=404,L]

If you have access to virtual host file (/etc/apache2/sites-available/000-default.conf) or do not want to modify .htacces file, then add the above lines in a Location block in Virtual Host file. It will have the same effect.

<Location /> 
RewriteEngine On 
RewriteCond %{REQUEST_URI} ^/product/[^/]+/data$ [NC] 
RewriteRule ^.*$ - [F,L] 
</Location>


2. Restart Apache server

Restart Apache server to apply changes.

$ sudo service apache2 restart

As you can see, it is very easy to block URLs based on regular expression patterns. You just need to modify the URL pattern in RewriteCond above as per your requirement, and apply the above steps as it is. This is very useful if you want to block specific bots from accessing your URLs. In fact, you can also check user-agent in RewriteCond to block specific bots from visiting your website’s URLs.

Also read :

How to Redirect Port 80 to 8080
How to Parse JSON in NodeJS
How to Monitor Apache Server Performance using mod_status
How to Hide PHP Version in WordPress/Apache
How to Setup SSL/HTTPS in NodeJS

Leave a Reply

Your email address will not be published.