How to do apache htaccess ban by ip with the some exception?

Question

P.S.: Sorry me and please be lenient with my English.

I have the situation when some IP must blocked and better way for this on my mind - htaccess. It cause I have many entry points. It easy and works fine...

I do:

<Files *>
    Order allow,deny
    deny from aaa.aaa.aaa.aaa/aa
    deny from bbb.bbb.bbb.bbb/bb
    Allow from all
</Files>

BUT! There one more things. I have a few devices which should be allowed access even if they go through the denied IP.

I can't install some module for Apache. So I need some simply way for decide it.

Can someone give me some ways or some tricks for it?

Answer 1

You need some way of identifying those devices, then you can add an environment variable to set up an exception and use access control by environment variable. For example, if you can do it by user-agent:

SetEnvIf User-Agent SpecialUA UAException=1
<Files *>
    Order allow,deny
    Allow from UAException=1
    Deny from aaa.aaa.aaa.aaa/aa
    Deny from bbb.bbb.bbb.bbb/bb
    Allow from all
</Files>

See also SetEnvIf. I am linking to Apache 2.2 docs since you are using the old syntax which has been updated in 2.4.