How to block any useragent but two on whitelist with basicauth rule?

francislavoie · August 23, 2022, 5:14am

That makes no sense.

Think about it. not remote_ip private_ranges means effectively remote_ip public_ranges. So applied to the handler, effectively: basicauth for public_ranges.

If you remove the not, then you’re making basicauth apply to all private ranges. Which is the opposite of what you say you want.

You can’t just remove the not because it’s “not working”. That’s not a solution.

Are you sure that the remote_ip on the request you’re making actually is from a private IP? Check your access logs.

:80 {
	@blocked {
		not header_regexp User-Agent TestName1*|TestName2*
		not remote_ip private_ranges
	}
	handle @blocked {
		abort
	}

	handle {
		@public not remote_ip private_ranges
		basicauth @public {
			USER PASS
		}

		reverse_proxy ip:port
	}
}

You can just use private_ranges, it’s a shortcut for all the CIDRs for private IPv4 and IPv6.

wazer · August 23, 2022, 5:50am

Woah yeah that’s much easier with private_ranges, I’m not sure WHY it actually asked for password, I double checked, and removing the not it actually just did it again, none the less with private_ranges it no longer does it.

And I’m sorry for being so hard to work with, you have some patience, I must say

Huge thanks, I’m gonna move a bit further into this, its kinda like an addiction trying new things with caddy

system · September 21, 2022, 12:00pm

This topic was automatically closed after 30 days. New replies are no longer allowed.