iTP Secure WebServer System Administrator's Guide (Version 7.0)
Configuring the iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide—523346-012
7-39
Using Pattern Variables (Lists)
Using Pattern Variables (Lists)
The same list of matching patterns can be shared among multiple Region directives.
For example, if you want to deny the same set of hosts access to two different regions,
you can specify two Region directives, each of which includes the same list of host
patterns:
Region /admin/* {
DenyHost *.widgets.com *.compedia.com *.foo.com
}
Region /testing/* {
DenyHost *.widgets.com *.compedia.com *.foo.com
}
You cannot include more than one matching pattern in a Region directive. For
example, you cannot merge the two Region directives into the single directive:
Region /admin/* /testing/* {
DenyHost *.widgets.com *.compedia.com *.foo.com
}
As pattern lists grow, however, this approach can become increasingly unwieldy. To
change a list, you would need to make the same change to each occurrence of the list.
As an alternative, you can use the RegionSet directive to assign a list of patterns to a
variable. This variable can then be used within Region commands as needed. If you
subsequently need to change the list, you only need to change it once.
You specify a RegionSet directive as:
RegionSet variable value
where:
variable
is the name of the variable.
value
is the value to which you are setting this variable.
Returning to the earlier example, you could accomplish the same result using the
following RegionSet directive:
RegionSet denyList "*.widgets.com *.compedia.com *.foo.com"
Region /admin/* {
DenyHost $denyList
}
Region /testing/* {
DenyHost $denyList
}
If you subsequently needed to change your deny-access list, you would only need to
change it in the RegionSet directive.