Using Apache to Ban IP / Domains

Forum Moderators: phranque

Message Too Old, No Replies

Using Apache to Ban IP / Domains

which is better way - httpd.conf or .htaccess

Imaster

3:10 pm on Jun 27, 2007 (gmt 0)

I have around 70 domains on a server and I would like to ban certain ip addresses from download / browsing all these websites.

Initially, I used to do this with .htaccess, but adding new rules (ips) everytime to all 70 websites via .htaccess is pretty time consuming.

I am the system admin and have access to httpd.conf. Would it be wise to use these rules in httpd.conf?

Using something like below in httpd.conf:

<Directory "/">
order allow,deny
allow from all

deny from 12.148.209.196
deny from 12.224.186.194
</Directory>

Would this cause extra load on the server than what was actually using .htaccess for each domains?

Thanks and please provide me with your inputs.

[added: In case I have placed the above code in both httpd.conf and .htaccess, will the server read through both of them which might cause an extra load. So in case I use httpd.conf, should I remove the .htaccess files?]

[edited by: Imaster at 3:35 pm (utc) on June 27, 2007]

Matt Probert

4:58 pm on Jun 27, 2007 (gmt 0)

httpd.conf is read once upon Apache starting. .htaccess is read for EVERY request coming in to the server!

If you can, use httpd.conf

Matt

Tastatura

6:00 pm on Jun 27, 2007 (gmt 0)

you could use IPtables (in conjunction with .htaccess perhaps) - see if this thread gives you any ideas:
[webmasterworld.com...]