====== Apache logical OR & AND conditions with SetEnvIf ====== Unfortunately, the [[http://httpd.apache.org/docs/2.2/mod/mod_setenvif.html#setenvif|Apache SetEnvIf module]] doesn't support logical conditions, like ''OR'' & ''AND''. More specifically, it is not possible to set a variable only if <color navy>''condition1''</color> ''AND/OR'' <color navy>''condition2''</color> are verified. For example, to [[http://httpd.apache.org/docs/2.2/mod/mod_log_config.html#customlog|log]] all the POST queries made from the loopback interface in a separate log file, you __can't__ do this: <file> CustomLog /var/log/apache2/loopback_posts.log combined env=posting_myself SetEnvIf Remote_Addr "^127\.0\.0\.1$" AND Request_Method "POST" posting_myself </file> The first line is valid, it asks the server to log all the requests to the mentioned file, only if the environment variable <color navy>''posting_myself''</color> is set.\\ The second line attemps to set the <color navy>''posting_myself''</color> variable if two conditions are met (use of a logical AND), which is not a supported syntax. On a first attempt to work around this problem, I came up with this: <file> CustomLog /var/log/apache2/loopback_posts.log combined env=posting_myself SetEnv loopback_ip 0 SetEnvIf Remote_Addr "^127\.0\.0\.1$" loopback_ip=1 SetEnvIf Request_Method "POST" posting_myself SetEnvIf loopback_ip 0 !posting_myself </file> The first line is unchanged.\\ The second line unconditionally sets the variable <color navy>''loopback_ip''</color> to zero (meaning : false).\\ The third line sets the same variable to one ("true") if the requests indeed comes from the loopback IP.\\ The fourth line sets the variable <color navy>''posting_myself''</color> to true if the request method is POST.\\ Note that at this stage, the <color navy>''posting_myself''</color> variable can be true, even if somebody else made the request. This is taken care of at the last line, where <color navy>''posting_myself''</color> is unset if the variable <color navy>''loopback_ip''</color> is equal to zero (false).\\ After the last line, we will have the <color navy>''posting_myself''</color> variable set only if the request comes from the loopback IP **and** if the request is a POST. Unfortunately, this doesn't work either, for a subtle reason : the <color navy>''SetEnv''</color> directive is executed after the <color purple>''SetEnvIf''</color> directives, according to the Apache documentation. This means that when <color purple>''SetEnv''</color> sets <color navy>''loopback_ip''</color> to zero, it's way too late. So, I came up with this other version to emulate a <color purple>''SetEnvif''</color> logical AND: <file> CustomLog /var/log/apache2/loopback_posts.log combined env=posting_myself SetEnvIf Remote_Addr "^" loopback_ip=0 SetEnvIf Remote_Addr "^127\.0\.0\.1$" loopback_ip=1 SetEnvIf Request_Method "POST" posting_myself SetEnvIf loopback_ip 0 !posting_myself </file> This is similar to the previous attempt, only the second line changes: I have to use <color purple>''SetEnvIf''</color>, to //artificially// set <color navy>''loopback_ip''</color> to zero, unconditionally. To do this, I use a regex that will always match : "^". Note that I used <color navy>''Remote_Addr''</color>, but I could have used <color navy>''Request_Protocol''</color>, <color navy>''Request_URI''</color> or anything else: the only important thing is that it always matches and does set <color navy>''loopback_ip''</color> to zero. Now, to emulate a <color purple>''SetEnvIf''</color> logical OR, this is way easier: <file> SetEnvIf Remote_Addr "^192\.168\.0\." my_networks SetEnvIf Remote_Addr "^127\.0\.0\.1$" my_networks </file> Here, the variable <color navy>''my_networks''</color> will be set if the remote address starts with "192.168.0." or is "127.0.0.1". It's that simple.\\ Well, I could have used a smarter regex to do this in one line, but it would have ruined my logical OR example! :) ~~META:date created = 2010-01-28 18:41:00~~