not2easy
msg:4530547 | 5:37 am on Dec 23, 2012 (gmt 0) |
The same way you have enclosed the directive for your 403 page, you need to tell the server what files or folders you want to "deny from". The deny, allow order matters too.
|
wilderness
msg:4530559 | 6:27 am on Dec 23, 2012 (gmt 0) |
| unfriendly "visitors" from accessing my friends website through cPanel IP Deny Manager. |
|
This is a bad method of modifying access and/or htaccess.
The methods used by cPanel are beyond you control and may not be manageable. Even syntax errors are likely.
As you have seen, and as not2easy has advised you.
You need to create your own htaccess.
|
alexr
msg:4530560 | 6:37 am on Dec 23, 2012 (gmt 0) |
Thanks for your reply not2easy, :)
I understand what you say and it is certainly true, but as a wannabe admin(I really do it just to help out for free) I don't know how.
Would appreciate very much a scrap of code that demonstrates your advice as 403 directive was, I think, generated either by cPanel or isp or maybe it's some Apache default.
|
wilderness
msg:4530561 | 6:50 am on Dec 23, 2012 (gmt 0) |
A scrap is all your going to get.
The purpose and function of this forum is so webmasters learn so to create their own solutions. Please read the forum charter
There should be examples of this in the forum library these types of lines are the simplest of htaccess commands.
order deny,allow
deny from 178.175.24.0/21
deny from all
deny from env=desired phrase
|
alexr
msg:4530562 | 6:50 am on Dec 23, 2012 (gmt 0) |
BTW, I've tried this online htaccess checker [lyxx.com] but it found nothing amiss. o_O
|
lucy24
msg:4530564 | 6:56 am on Dec 23, 2012 (gmt 0) |
| The same way you have enclosed the directive for your 403 page, you need to tell the server what files or folders you want to "deny from". |
|
By default, directives apply to anything that isn't inside a Files or FilesMatch envelope. Generally that's what you want. Many people also make an exemption for robots.txt.
There should be an Order directive to go with the loose Deny from... directives. If you don't say, apache [httpd.apache.org] uses its default, which is Deny,Allow. This doesn't make a difference in your htaccess as quoted. But if you include the boilerplate line
Allow from all
the lack of an explicit Order... directive becomes catastrophic.
Order Allow,Deny
Allow from all
Deny from {long list here}
= allow from everyone except the ones on your Deny list.
Order Deny,Allow
Allow from all
Deny from {long list here}
= Allow from all
It does not matter if your "Allow from" lines come before or after the "Deny from" lines or if they are all garbled together. The only thing that matters is the "Order..." directive
|
alexr
msg:4530572 | 7:32 am on Dec 23, 2012 (gmt 0) |
Thanks lucy24 & all, :)
I am trying something like this:
order allow,deny
deny from 192.168.
deny from 10.0.0.
allow from all
below 403 directive. I'm curious if cPanel will muddle it next time I try to block new intruders(sigh).
|
wilderness
msg:4530573 | 7:33 am on Dec 23, 2012 (gmt 0) |
| BTW, I've tried this online htaccess checker |
|
WORTHLESS!
I copied eleven lines from a portion of mod-rewrite and it flagged nine as errors, and without providing any explanation of the error codes, unless you count their $150-per-incident offer.
|
alexr
msg:4530574 | 7:41 am on Dec 23, 2012 (gmt 0) |
WORTHLESS!
I copied eleven lines from a portion of mod-rewrite and it flagged nine as errors, and without providing any explanation of the error codes, unless you count their $150-per-incident offer. |
|
So it seems... Wilderness, can you, by any chance, recommend to a newbie a reliable(free) online htaccess checker if there is one in existance, please?
|
wilderness
msg:4530577 | 8:10 am on Dec 23, 2012 (gmt 0) |
| can you, by any chance, recommend |
|
Not aware of any such tool that exists.
However, and if one existed, it's against the forum charter to post a link to one.
|
lucy24
msg:4530586 | 9:09 am on Dec 23, 2012 (gmt 0) |
Picking apart htaccess files is what's what this forum is for. Not blanket line-by-line checking. But
"I want my htaccess to do such-and-such:
{ explanation in English }
Here's what I've come up with so far:
{ sample of the relevant snippet of code, not a complete dump of the whole thing }
But it doesn't do such-and-such, instead it:
{ does thus-and-so | gives everyone a 500 error | doesn't seem to have any effect at all }
or
It does such-and-such, but it also does this-and-that which I didn't want it to do."
|
alexr
msg:4530590 | 10:19 am on Dec 23, 2012 (gmt 0) |
Not aware of any such tool that exists.
However, and if one existed, it's against the forum charter to post a link to one. |
|
Wonder why is it difficult to write one? As for this rule, well, for sure, if one existed, it would be on topic and useful to the inexperienced.
@Lucy24
Of course you are right. I was looking for a quick-fix solution for this problem as it is becoming chronic and I really have no time to delve into Apache configuration subtleties.When my friend gets better(financially) I'll recommend that he hires a pro. I'm a designer.
Thank you for your help, much obliged. :)
|
g1smd
msg:4530638 | 6:09 pm on Dec 23, 2012 (gmt 0) |
| Wonder why is it difficult to write one? |
|
Because there's no way it could know what you wanted the code to actually do.
Once you get more proficient with htaccess you'll spot errors more easily. The only way is to learn. And remember this: the more mistakes you make, the more you learn.
|
|
