The F flag returns a Forbidden (403 status code) response for the requested URL. This allows you to conditionally block access to certain URLs. When using the [F] flag, the target of the rule is not particularly important, but can be used for logging purposes.

  • Examples:*
RewriteEngine On
RewriteCond %{REMOTE_HOST} "riaa.com"
RewriteRule \.mp3$ - [F]

This particular ruleset would forbid access to .mp3 files if the remote host was in a certain domain.

Or, perhaps, you could use this flag in conjunction with the [E] flag (see [Flags/E]) to block requests from the Nimda worm, as well as exclude the associated entries from the log files:

RewriteEngind On
RewriteRule (cmd|root)\.exe - [F,E=dontlog:1]
CustomLog /var/log/apache/access_log combined env=!dontlog

The more verbose form of [forbidden] is also permitted.

_ Back to RewriteFlags_