homepage Welcome to WebmasterWorld Guest from 54.211.213.10
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Why htaccess is not bloking unwanted ips?
alexr




msg:4530542
 5:17 am on Dec 23, 2012 (gmt 0)

I'm trying to block(aren't we all xD) unfriendly "visitors" from accessing my friends website through cPanel IP Deny Manager. Somehow, this doesn't seem to have effect since I frequently see the blocked ips popping in visitors list.

Can anybody please tell me what's wrongly defined in the .htaccess file below? Thanks in advance for all your help.


<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 178.175.24.0/21
deny from 124.114.0.0/15
deny from 119.147.75.0/24
deny from 119.147.6.60
deny from 216.38.216.101
deny from 195.222.96.0/22
deny from 94.75.245.0/24
deny from 91.224.160.0/23
deny from 194.247.12.8
deny from 194.247.12.0/23
deny from 124.121.192.
deny from 208.91.198.0/23
deny from 212.40.96.0/21
deny from 212.40.104.0/22
deny from 82.114.76.192/29
deny from 46.19.224.128/26
deny from 200.160.238.161
deny from 94.139.160.0/22
deny from 109.124.98.248/29
deny from 185.2.12.0/23
deny from 77.245.144.0/20
deny from 216.14.112.0/20
deny from 87.236.209.0/24
deny from 86.109.112.0/24
deny from 37.130.227.133
deny from 199.48.147.36
deny from 188.143.233.0/24
deny from 74.217.0.0/16
deny from 208.48.224.0/19
deny from 208.49.0.0/16
deny from 208.50.0.0/17
deny from 64.124.0.0/15
deny from 173.255.192.0/18
deny from 96.8.112.0/20
deny from 77.245.149.21
deny from 177.85.97.13

 

not2easy




msg:4530547
 5:37 am on Dec 23, 2012 (gmt 0)

The same way you have enclosed the directive for your 403 page, you need to tell the server what files or folders you want to "deny from". The deny, allow order matters too.

wilderness




msg:4530559
 6:27 am on Dec 23, 2012 (gmt 0)

unfriendly "visitors" from accessing my friends website through cPanel IP Deny Manager.


This is a bad method of modifying access and/or htaccess.
The methods used by cPanel are beyond you control and may not be manageable. Even syntax errors are likely.

As you have seen, and as not2easy has advised you.

You need to create your own htaccess.

alexr




msg:4530560
 6:37 am on Dec 23, 2012 (gmt 0)

Thanks for your reply not2easy, :)

I understand what you say and it is certainly true, but as a wannabe admin(I really do it just to help out for free) I don't know how.

Would appreciate very much a scrap of code that demonstrates your advice as 403 directive was, I think, generated either by cPanel or isp or maybe it's some Apache default.

wilderness




msg:4530561
 6:50 am on Dec 23, 2012 (gmt 0)

A scrap is all your going to get.
The purpose and function of this forum is so webmasters learn so to create their own solutions. Please read the forum charter

There should be examples of this in the forum library these types of lines are the simplest of htaccess commands.

order deny,allow
deny from 178.175.24.0/21
deny from all
deny from env=desired phrase

alexr




msg:4530562
 6:50 am on Dec 23, 2012 (gmt 0)

BTW, I've tried this online htaccess checker [lyxx.com] but it found nothing amiss. o_O

lucy24




msg:4530564
 6:56 am on Dec 23, 2012 (gmt 0)

The same way you have enclosed the directive for your 403 page, you need to tell the server what files or folders you want to "deny from".

By default, directives apply to anything that isn't inside a Files or FilesMatch envelope. Generally that's what you want. Many people also make an exemption for robots.txt.

There should be an Order directive to go with the loose Deny from... directives. If you don't say, apache [httpd.apache.org] uses its default, which is Deny,Allow. This doesn't make a difference in your htaccess as quoted. But if you include the boilerplate line
Allow from all
the lack of an explicit Order... directive becomes catastrophic.

Order Allow,Deny
Allow from all
Deny from {long list here}
= allow from everyone except the ones on your Deny list.

Order Deny,Allow
Allow from all
Deny from {long list here}
= Allow from all

It does not matter if your "Allow from" lines come before or after the "Deny from" lines or if they are all garbled together. The only thing that matters is the "Order..." directive

alexr




msg:4530572
 7:32 am on Dec 23, 2012 (gmt 0)

Thanks lucy24 & all, :)

I am trying something like this:

order allow,deny
deny from 192.168.
deny from 10.0.0.
allow from all

below 403 directive. I'm curious if cPanel will muddle it next time I try to block new intruders(sigh).

wilderness




msg:4530573
 7:33 am on Dec 23, 2012 (gmt 0)

BTW, I've tried this online htaccess checker


WORTHLESS!

I copied eleven lines from a portion of mod-rewrite and it flagged nine as errors, and without providing any explanation of the error codes, unless you count their $150-per-incident offer.

alexr




msg:4530574
 7:41 am on Dec 23, 2012 (gmt 0)

WORTHLESS!

I copied eleven lines from a portion of mod-rewrite and it flagged nine as errors, and without providing any explanation of the error codes, unless you count their $150-per-incident offer.


So it seems... Wilderness, can you, by any chance, recommend to a newbie a reliable(free) online htaccess checker if there is one in existance, please?

wilderness




msg:4530577
 8:10 am on Dec 23, 2012 (gmt 0)

can you, by any chance, recommend


Not aware of any such tool that exists.

However, and if one existed, it's against the forum charter to post a link to one.

lucy24




msg:4530586
 9:09 am on Dec 23, 2012 (gmt 0)

Picking apart htaccess files is what's what this forum is for. Not blanket line-by-line checking. But

"I want my htaccess to do such-and-such:
{ explanation in English }
Here's what I've come up with so far:
{ sample of the relevant snippet of code, not a complete dump of the whole thing }
But it doesn't do such-and-such, instead it:
{ does thus-and-so | gives everyone a 500 error | doesn't seem to have any effect at all }
or
It does such-and-such, but it also does this-and-that which I didn't want it to do."

alexr




msg:4530590
 10:19 am on Dec 23, 2012 (gmt 0)

Not aware of any such tool that exists.

However, and if one existed, it's against the forum charter to post a link to one.


Wonder why is it difficult to write one? As for this rule, well, for sure, if one existed, it would be on topic and useful to the inexperienced.

@Lucy24

Of course you are right. I was looking for a quick-fix solution for this problem as it is becoming chronic and I really have no time to delve into Apache configuration subtleties.When my friend gets better(financially) I'll recommend that he hires a pro. I'm a designer.


Thank you for your help, much obliged. :)

g1smd




msg:4530638
 6:09 pm on Dec 23, 2012 (gmt 0)

Wonder why is it difficult to write one?

Because there's no way it could know what you wanted the code to actually do.

Once you get more proficient with htaccess you'll spot errors more easily. The only way is to learn. And remember this: the more mistakes you make, the more you learn.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved