| <Limit GET HEAD POST> vs. <Limit GET POST>
Can both be used in the .htaccess file? |
Amadon
msg:3537688 | 2:52 am on Dec 31, 2007 (gmt 0) |
My .htaccess file has these lines (among others): <Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit> I'd like to add the lines below in order to block access from a certain country. Will there be any conflicts with the above lines if I do that? <Limit GET HEAD POST>
order allow,deny
deny from 41.204.224.0/19
deny from 41.205.160.0/19
deny from 41.206.0.0/19
deny from 41.206.224.0/19
deny from 41.211.192.0/18
deny from 41.220.64.0/20
deny from 41.222.40.0/21
deny from 41.222.64.0/21
deny from 41.222.72.0/21
deny from 41.223.24.0/22
deny from 41.223.64.0/22
deny from 41.223.128.0/22
deny from 41.223.136.0/22
deny from 62.173.32.0/19
deny from 62.193.160.0/19
deny from 80.248.0.0/20
deny from 80.250.32.0/20
deny from 82.128.0.0/17
deny from 195.166.224.0/19
deny from 196.1.176.0/20
deny from 196.3.60.0/22
deny from 196.3.180.0/22
deny from 196.29.208.0/20
deny from 196.45.192.0/18
deny from 196.46.144.0/22
deny from 196.46.240.0/21
deny from 196.200.0.0/20
deny from 196.200.64.0/20
deny from 196.200.112.0/20
deny from 196.202.224.0/21
deny from 196.207.0.0/20
deny from 196.207.128.0/18
deny from 196.216.144.0/22
deny from 196.216.148.0/22
deny from 196.220.0.0/19
deny from 212.100.64.0/19
deny from 217.14.80.0/20
deny from 217.78.64.0/20
deny from 217.117.0.0/20
deny from 81.18.32.0/20
deny from 81.24.0.0/20
deny from 213.166.160.0/19
deny from 213.181.64.0/19
allow from all
</LIMIT>
|
g1smd
msg:3538074 | 7:20 pm on Dec 31, 2007 (gmt 0) |
There is an error in this: <Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
|
jdMorgan
msg:3538092 | 7:47 pm on Dec 31, 2007 (gmt 0) |
Only one Order directive per .htaccess file -- The last one overrides the previous ones. Similarly, any conflict between <Limit> containers will result in the last one that applies being used. There is no need to enclose the Deny from's in a <Limit> container, so I'm not sure why you're doing that. For example, PUTs and DELETEs will be allowed from your listed IP addresses with the code as-posted. Also, see <LimitExcept>, which may be useful to you. I'd suggest:
# Allow all to fetch robots.txt and custom 403 error page
SetEnvIf Request_URI "^/(robots\.txt¦my_custom_403_page\.html)$" allow-it
#
Order Deny,Allow
#
# Allow all to fetch robots.txt and custom 403 error page
<Limit GET>
Allow from env=allow-it
</Limit>
#
# Deny all methods except for GET, HEAD, and POST (HEAD is implied by GET -- see documentation)
<LimitExcept GET POST>
Deny from all
</LimitExcept>
#
# Deny from various country's IP address ranges
Deny from 41.204.224.0/19
Deny from 41.205.160.0/19
...
Deny from 213.166.160.0/19
Deny from 213.181.64.0/19
Replace the broken pipe character in the SetEnvIf directive above with a solid pipe character before use; Posting on this forum modifies the pipe characters. Jim [edited by: jdMorgan at 7:51 pm (utc) on Dec. 31, 2007]
|
Amadon
msg:3538254 | 3:02 am on Jan 1, 2008 (gmt 0) |
There is an error in this: <Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit> Okay, I give up, what's the error? (I'm a web designer and don't know much about .htaccess files, you may have deduced.)
|
wilderness
msg:3538277 | 5:58 am on Jan 1, 2008 (gmt 0) |
deny from all
allow from all |
|
the error is either/or NOT both.
|
touchring
msg:3557603 | 7:14 am on Jan 25, 2008 (gmt 0) |
Nice thread. I just got one question. Is there a way to allow bots like googlebot to come in while sending "page cannot resolve" to all other users from that country ip address range?
|
|
|
