Tyler Muth’s Blog

Technology with a focus on Oracle, Application Express and Linux

mod_rewrite and APEX part 2

Posted by Tyler Muth on August 13, 2008

Here’s another Apache mod_rewrite example that I would love to get some feedback on from the community.

RewriteCond %{REQUEST_URI}%{QUERY_STRING} !/pls/(apex|builder)/f?p=4155:.*
RewriteCond %{REQUEST_URI}%{QUERY_STRING} /pls/(apex|builder)/f?p=(4[0-9]{3}:.*)
RewriteCond %{REMOTE_ADDR}        !^(127\.0\.0\.1|192\.168\.1\.[0-9]{1,3})$
RewriteRule /pls/(apex|builder)/ - [F]
  1. Any request for a 4000 series application (the APEX dev environment) on either the “apex” or “builder” DAD…
  2. …Not coming from either localhost or a 192.168.1.x address…
  3. Return a 403 “Forbidden” page.

This is a simple way to protect your development environment from people that don’t belong there.  The runtime-only installation option introduced in APEX 3.1 is even more secure, but there may be users on previous versions or that do not want to use the runtime only option.  Thoughts?


4 Responses to “mod_rewrite and APEX part 2”

  1. Christopher Beck said


    Think you need to change Line 2 to this:

    RewriteCond %{REMOTE_ADDR} !^(127\.[0]{1,3}\.[0]{1,3}\.[0]{1,2}1|192\.168\.[0]{1,2}1\.[0-9]{1,3})$

    basically and are the same thing so you need to handle the possibility of leading zeros.


  2. Tyler Muth said

    Thanks to Joel Kallman for pointing out that Application 4155 is used for end-user password resets and should be exempt from this policy. I added line 1 to account for this.

  3. Tyler,

    This is a fairly secure method and we have used the same rules a few times. In general I have favored using Apache as reverse proxy for external traffic to deny the traffic I don’t want, but that has challenges of its own. This works well and does not require any additional hardware, network configs or installations. Nice post.


  4. Eאשט said

    Hello Tyler,

    It would be much appreciated if you can assist on this one :

    An example for re-writing the root (index.html) to another url (/pls/apex…)

    Etay G

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: