Home > OS >  htaccess - check multiple cookies with multiple values
htaccess - check multiple cookies with multiple values

Time:06-01

I'm trying to restrict folder and file access based on browser cookies.

Files can only be accessed if these 3 conditions are met:

  1. Wordpress user is logged in
  2. example_cookie exists
  3. example_cookie is value1 or value2 BUT NOT anything else e.g. value3, value4, etc

My .htaccess file currently looks like this:

RewriteEngine On
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value1;? [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value2;? [NC]
RewriteRule ^(.*)$ - [R=403,L]

Just having the first 2 conditions seems to be working fine by themselves.

The last 2 conditions still blocks access if not logged in or if example_cookie is not set but allows access for any set value of example_cookie not just value1 or value2.

Any help will be much appreciated, thanks!

CodePudding user response:

The (edited) posted code does work now. On line 4, I had the ;? around the wrong way! I also didn't need line 3. Final code:

RewriteEngine On
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value1;? [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value2;? [NC]
RewriteRule ^(.*)$ - [R=403,L]
  • Related