I'm trying to restrict folder and file access based on browser cookies.
Files can only be accessed if these 3 conditions are met:
example_cookie existsexample_cookie is value1 or value2 BUT NOT anything else e.g. value3, value4, etcMy .htaccess file currently looks like this:
RewriteEngine On
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value1;? [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value2;? [NC]
RewriteRule ^(.*)$ - [R=403,L]
Just having the first 2 conditions seems to be working fine by themselves.
The last 2 conditions still blocks access if not logged in or if example_cookie is not set but allows access for any set value of example_cookie not just value1 or value2.
Any help will be much appreciated, thanks!
The (edited) posted code does work now. On line 4, I had the ;? around the wrong way! I also didn't need line 3.
Final code:
RewriteEngine On
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value1;? [NC]
RewriteCond %{HTTP_COOKIE} !example_cookie=value2;? [NC]
RewriteRule ^(.*)$ - [R=403,L]