phranque
msg:4545206 | 9:08 am on Feb 13, 2013 (gmt 0) |
I would recommend against that solution - if you added a DNS lookup for every request that would slow down your server.
|
luedvic
msg:4545290 | 12:28 pm on Feb 13, 2013 (gmt 0) |
| I would recommend against that solution - if you added a DNS lookup for every request that would slow down your server. |
|
I figured that this is not a wise practice, especially for large sites but I simply would like to know if it is possible. If it is possible, I'll consider configuring my server in that manner since I am the only person ever visiting it and all I use it for is a my own personal wiki and testing apache configuration settings.
|
lucy24
msg:4545322 | 1:59 pm on Feb 13, 2013 (gmt 0) |
In addition to slowing down the server, it makes a mess of your logs. They'll change from this
67.122.aaa.bbb - - [12/Feb/2013:19:14:33 -0800] "GET / HTTP/1.1" 403 799 "-" "<here I am>"
to this
adsl-67-122-aaa-bbb.dsl.pltn13.pacbell.net - - [12/Feb/2013:19:15:08 -0800] "GET / HTTP/1.1" 200 682 "-" "<here I am>"
(I've seen this before but had to double-check. In this particular case the IP address is still extractable, but in some log entries it wouldn't be visible at all. In others it may come out backward. Plays havoc with log processing, anyway.)
|
phranque
msg:4545323 | 2:01 pm on Feb 13, 2013 (gmt 0) |
by the way - welcome to WebmasterWorld, luedvic!
the mod_authz_host apache module is your answer but note that the specific solution depends on your version of apache so make sure you refer to the correct version of the apache docs.
|
phranque
msg:4545324 | 2:10 pm on Feb 13, 2013 (gmt 0) |
lucy24 is referring to setting HostnameLookups On in which case you can check the REMOTE_HOST environment variable in .htaccess to forbid access.
i'm not sure if the mod_authz_host option has any affect on your log files but i doubt it.
|
lucy24
msg:4545329 | 2:51 pm on Feb 13, 2013 (gmt 0) |
Actually, I'm referring to what happens if you simply put in a line like
Deny from somename.net
without changing anything else. The moment anything other than a CIDR range appears in your mod_authz list, everything in the server's innards toggles over to Lookup Mode-- which I assume has a technical term that I don't know-- and it stays that way until you hunt down and remove the offending line. Same thing happens if you throw a RegEx into the same list. I remember there was some discussion about this, probably in SSID, but it was a goodish while ago.
|
luedvic
msg:4545535 | 2:56 am on Feb 14, 2013 (gmt 0) |
Thank you, I'm glad I found Webmaster World, I have a feeling I will be posting & reading often. :)
|
|
