Welcome to WebmasterWorld Guest from 54.145.166.96

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

<Limit GET HEAD POST> vs. <Limit GET POST>

Can both be used in the .htaccess file?

   
2:52 am on Dec 31, 2007 (gmt 0)

5+ Year Member



My .htaccess file has these lines (among others):

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>

I'd like to add the lines below in order to block access from a certain country. Will there be any conflicts with the above lines if I do that?

<Limit GET HEAD POST>
order allow,deny
deny from 41.204.224.0/19
deny from 41.205.160.0/19
deny from 41.206.0.0/19
deny from 41.206.224.0/19
deny from 41.211.192.0/18
deny from 41.220.64.0/20
deny from 41.222.40.0/21
deny from 41.222.64.0/21
deny from 41.222.72.0/21
deny from 41.223.24.0/22
deny from 41.223.64.0/22
deny from 41.223.128.0/22
deny from 41.223.136.0/22
deny from 62.173.32.0/19
deny from 62.193.160.0/19
deny from 80.248.0.0/20
deny from 80.250.32.0/20
deny from 82.128.0.0/17
deny from 195.166.224.0/19
deny from 196.1.176.0/20
deny from 196.3.60.0/22
deny from 196.3.180.0/22
deny from 196.29.208.0/20
deny from 196.45.192.0/18
deny from 196.46.144.0/22
deny from 196.46.240.0/21
deny from 196.200.0.0/20
deny from 196.200.64.0/20
deny from 196.200.112.0/20
deny from 196.202.224.0/21
deny from 196.207.0.0/20
deny from 196.207.128.0/18
deny from 196.216.144.0/22
deny from 196.216.148.0/22
deny from 196.220.0.0/19
deny from 212.100.64.0/19
deny from 217.14.80.0/20
deny from 217.78.64.0/20
deny from 217.117.0.0/20
deny from 81.18.32.0/20
deny from 81.24.0.0/20
deny from 213.166.160.0/19
deny from 213.181.64.0/19
allow from all
</LIMIT>

7:20 pm on Dec 31, 2007 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



There is an error in this:

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>

7:47 pm on Dec 31, 2007 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Only one Order directive per .htaccess file -- The last one overrides the previous ones.

Similarly, any conflict between <Limit> containers will result in the last one that applies being used.

There is no need to enclose the Deny from's in a <Limit> container, so I'm not sure why you're doing that. For example, PUTs and DELETEs will be allowed from your listed IP addresses with the code as-posted.

Also, see <LimitExcept>, which may be useful to you.

I'd suggest:


# Allow all to fetch robots.txt and custom 403 error page
SetEnvIf Request_URI "^/(robots\.txtmy_custom_403_page\.html)$" allow-it
#
Order Deny,Allow
#
# Allow all to fetch robots.txt and custom 403 error page
<Limit GET>
Allow from env=allow-it
</Limit>
#
# Deny all methods except for GET, HEAD, and POST (HEAD is implied by GET -- see documentation)
<LimitExcept GET POST>
Deny from all
</LimitExcept>
#
# Deny from various country's IP address ranges
Deny from 41.204.224.0/19
Deny from 41.205.160.0/19
...
Deny from 213.166.160.0/19
Deny from 213.181.64.0/19

Replace the broken pipe character in the SetEnvIf directive above with a solid pipe character before use; Posting on this forum modifies the pipe characters.

Jim

[edited by: jdMorgan at 7:51 pm (utc) on Dec. 31, 2007]

3:02 am on Jan 1, 2008 (gmt 0)

5+ Year Member



There is an error in this:

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>

Okay, I give up, what's the error? (I'm a web designer and don't know much about .htaccess files, you may have deduced.)

5:58 am on Jan 1, 2008 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



deny from all
allow from all

the error is either/or NOT both.

7:14 am on Jan 25, 2008 (gmt 0)

10+ Year Member



Nice thread.

I just got one question. Is there a way to allow bots like googlebot to come in while sending "page cannot resolve" to all other users from that country ip address range?

 

Featured Threads

Hot Threads This Week

Hot Threads This Month