Welcome to WebmasterWorld Guest from 50.17.5.36

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

<Limit GET HEAD POST> vs. <Limit GET POST>

Can both be used in the .htaccess file?

     
2:52 am on Dec 31, 2007 (gmt 0)

New User

5+ Year Member

joined:Dec 30, 2007
posts: 5
votes: 0


My .htaccess file has these lines (among others):

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>

I'd like to add the lines below in order to block access from a certain country. Will there be any conflicts with the above lines if I do that?

<Limit GET HEAD POST>
order allow,deny
deny from 41.204.224.0/19
deny from 41.205.160.0/19
deny from 41.206.0.0/19
deny from 41.206.224.0/19
deny from 41.211.192.0/18
deny from 41.220.64.0/20
deny from 41.222.40.0/21
deny from 41.222.64.0/21
deny from 41.222.72.0/21
deny from 41.223.24.0/22
deny from 41.223.64.0/22
deny from 41.223.128.0/22
deny from 41.223.136.0/22
deny from 62.173.32.0/19
deny from 62.193.160.0/19
deny from 80.248.0.0/20
deny from 80.250.32.0/20
deny from 82.128.0.0/17
deny from 195.166.224.0/19
deny from 196.1.176.0/20
deny from 196.3.60.0/22
deny from 196.3.180.0/22
deny from 196.29.208.0/20
deny from 196.45.192.0/18
deny from 196.46.144.0/22
deny from 196.46.240.0/21
deny from 196.200.0.0/20
deny from 196.200.64.0/20
deny from 196.200.112.0/20
deny from 196.202.224.0/21
deny from 196.207.0.0/20
deny from 196.207.128.0/18
deny from 196.216.144.0/22
deny from 196.216.148.0/22
deny from 196.220.0.0/19
deny from 212.100.64.0/19
deny from 217.14.80.0/20
deny from 217.78.64.0/20
deny from 217.117.0.0/20
deny from 81.18.32.0/20
deny from 81.24.0.0/20
deny from 213.166.160.0/19
deny from 213.181.64.0/19
allow from all
</LIMIT>

7:20 pm on Dec 31, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:July 3, 2002
posts:18903
votes: 0


There is an error in this:

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>

7:47 pm on Dec 31, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


Only one Order directive per .htaccess file -- The last one overrides the previous ones.

Similarly, any conflict between <Limit> containers will result in the last one that applies being used.

There is no need to enclose the Deny from's in a <Limit> container, so I'm not sure why you're doing that. For example, PUTs and DELETEs will be allowed from your listed IP addresses with the code as-posted.

Also, see <LimitExcept>, which may be useful to you.

I'd suggest:


# Allow all to fetch robots.txt and custom 403 error page
SetEnvIf Request_URI "^/(robots\.txtmy_custom_403_page\.html)$" allow-it
#
Order Deny,Allow
#
# Allow all to fetch robots.txt and custom 403 error page
<Limit GET>
Allow from env=allow-it
</Limit>
#
# Deny all methods except for GET, HEAD, and POST (HEAD is implied by GET -- see documentation)
<LimitExcept GET POST>
Deny from all
</LimitExcept>
#
# Deny from various country's IP address ranges
Deny from 41.204.224.0/19
Deny from 41.205.160.0/19
...
Deny from 213.166.160.0/19
Deny from 213.181.64.0/19

Replace the broken pipe character in the SetEnvIf directive above with a solid pipe character before use; Posting on this forum modifies the pipe characters.

Jim

[edited by: jdMorgan at 7:51 pm (utc) on Dec. 31, 2007]

3:02 am on Jan 1, 2008 (gmt 0)

New User

5+ Year Member

joined:Dec 30, 2007
posts: 5
votes: 0


There is an error in this:

<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>

Okay, I give up, what's the error? (I'm a web designer and don't know much about .htaccess files, you may have deduced.)

5:58 am on Jan 1, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 11, 2001
posts:5408
votes: 2


deny from all
allow from all

the error is either/or NOT both.

7:14 am on Jan 25, 2008 (gmt 0)

New User

10+ Year Member

joined:Mar 20, 2004
posts: 16
votes: 0


Nice thread.

I just got one question. Is there a way to allow bots like googlebot to come in while sending "page cannot resolve" to all other users from that country ip address range?