merging order directive in htaccess

how to merge deny and allow

         

santapaws

8:19 pm on Jan 4, 2008 (gmt 0)

10+ Year Member



Hi Guys
I am trying to merge two sets of deny, allow, as I read jdMorgan say you can't have two sets. One is JD's bot trap, the other is a bit of antispam code from another site.

So how would I merge the second set into the first to keep the bot trap working? Thanks.

SetEnvIf Remote_Addr ^79\.125\.205\.72$ getout
SetEnvIf Request_URI "^(/403\.htm|/robots\.txt)$" allowsome

<Files *>
order deny,allow
deny from env=getout
allow from env=allowsome
</Files>

<Files *>
order deny,allow
# Exploited web servers used for harvesting content, sending blog, log or email spam (including hosted proxies), hosting hostile scripts and phishing websites:
deny from 38.100.22.104/29 38.100.22.112/28 38.100.22.128/26 62.141.48.0/20 62.141.56.0/21 64.20.32.0/19 64.22.64.0/18 64.27.0.0/19 64.34.176.0/20 64.92.199.0/24 64.92.200.0/24 64.191.77.231 65.23.153.0/24 65.98.0.0/17 66.38.130.192/26 66.49.128.0/17 66.79.167.128/25 66.79.168.134/32 66.90.64.0/18 66.148.64.0/18 66.154.0.0/18 66.154.64.0/19 66.160.186.0/24 66.186.36.195 66.197.128.0/17 66.199.224.0/19 66.225.212.0/22 66.232.96.0/19 66.235.160.0/19 66.235.192.0/19 67.159.0.0/18 67.228.0.0/17 69.13.0.0/16 69.50.160.0/19 69.60.111.0/24 69.64.64.0/20 69.65.0.0/18 70.87.208.34 72.3.128.0/17 72.21.32.0/19 72.22.64.0/19 72.29.64.0/19 72.32.0.0/16 72.36.128.0/17 72.36.168.153/29 72.52.128.0/18 72.232.0.0/16 72.233.0.0/17 72.249.32.0/23 74.50.0.0/20 74.50.96.0/20 74.86.0.0/16 74.124.192.0/24 74.208.16.4 75.126.0.0/16 80.237.144.0/22 81.19.183.0/27 81.29.70.0/24 82.99.30.0/25 82.165.128.0/17 82.208.60.0/22 84.19.176.0/20 85.8.128.0/18 85.17.6.0/26 85.17.145.0/24 85.17.11.0/24 85.25.128.0/18 87.106.80.0/20 87.118.64.0/18 87.118.96.0/19 87.237.60.64/27 195.242.98.0/23 205.177.79.0/24 205.178.128.0/18 205.234.96.0/20 205.234.132.0/24 206.51.224.0/20 206.188.0.0/26 207.58.128.0/18 207.234.209.0/24 208.53.128.0/18 208.66.68.0/22 208.66.194.160/28 208.99.192.0/19 208.101.0.0/18 208.109.0.0/16 208.112.107.20 208.184.65.0/24 209.2.34.112/28 209.66.122.0/24 209.85.0.0/17 209.97.192.0/19 209.126.128.0/17 209.160.0.0/18 209.160.64.0/20 209.163.169.0/24 209.172.32.0/19 209.200.0.0/18 209.205.0.0/18 216.32.64.0/19 216.93.160.0/19 216.182.224.0/20 216.185.128.0/24 216.242.44.96 216.255.176.0/20 217.20.208.0/20 217.172.187.0/24
# Proxy servers and services
deny from 61.206.125.0/24 62.171.194.0/23 80.33.0.0/16 80.58.0.0/16 81.12.0.0/17 83.16.154.152/29 85.10.219.104/29 85.92.130.0/24 85.185.0.0/16 88.198.241.104/29 88.198.252.144/29 145.253.239.8/29 150.188.0.0/15 194.112.195.202 198.145.112.128/25 200.30.64.0/20 200.43.108.0/24 200.75.128.0/20 200.126.112.0/20 200.172.222.0/26 200.202.192.0/18 200.210.0.0/16 203.160.0.0/23
# Rackspace - Hackers, spammers, scammers and phishers
deny from 72.32.0.0/16
# ThePlanet.com and Everyones Internet; home of many spammers, hackers and trojan horses
deny from 64.5.32.0/19 64.246.0.0/18 67.15.0.0/16 67.18.0.0/15 69.93.0.0/16 70.84.0.0/14 74.52.0.0/15 74.54.0.0/16 75.125.0.0/16 207.44.128.0/17
deny from 209.249.86.
</Files>

jdMorgan

8:34 pm on Jan 4, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Just delete this from the middle of what you posted:

</Files>

<Files *>
order deny,allow

Jim

santapaws

9:57 pm on Jan 4, 2008 (gmt 0)

10+ Year Member



Thanks for that. Only thing is the allow 403 bit is only applying to the top half; the bottom half is denying the 403 and it's showing up in the logs. Is it fixable?

jdMorgan

11:50 pm on Jan 4, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



As long as the pattern for the URL-path of your custom 403 page is correct, that's not happening because of the code -- unless you've got other bits that you didn't post.

The "Allow from env=allowsome" will override any and all of the Deny directives -- See Apache mod_access [httpd.apache.org].

I also presume you completely flushed your browser cache before testing any new code.

Or perhaps I'm misunderstanding your "problem report": You must always allow *all* IP addresses to access your 403 page. If you don't, you hand them an easy way to DOS your server, since all they need do is create one 403, and your server will then 403 itself until the redirection limit is reached. Similarly, you must also allow *all* IP addresses to access your robots.txt file, since robots encountering any problem fetching it are free to interpret that as carte blanche to crawl your entire URL-map. So it is the intended function of the "SetEnvIf/Allow from" construct to allow any and all IPs to access the 403 page and robots.txt file.

Jim

santapaws

12:18 am on Jan 5, 2008 (gmt 0)

10+ Year Member



Thank you for your time.
Well, I'm confused. This is what I see in my error reports:

[error] [client 209.249.86.17] client denied by server configuration: /home/public_html/403.shtml

That IP is blocked in htaccess with the line
deny from 209.249.86.

And all the code is:

SetEnvIf Remote_Addr ^79\.125\.205\.72$ getout

SetEnvIf User-Agent ^searchestate getout
SetEnvIf User-Agent ^Java getout
SetEnvIf User-Agent ^Scumbot getout
SetEnvIf User-Agent ^Linkwalker getout
SetEnvIf Request_URI "^(/403\.htm|/robots\.txt)$" allowsome
SetEnvIf Remote_Addr ^217\.78\.47\.35$ allowsome
SetEnvIf Remote_Addr ^216\.239\.(3[0-9])\. allowsome
SetEnvIf Remote_Addr ^63\.241\.243\. allowsome
<Files *>
order deny,allow
deny from env=getout
allow from env=allowsome

# Exploited web servers used for harvesting content, sending blog, log or email spam (including hosted proxies), hosting hostile scripts and phishing websites:
deny from 38.100.22.104/29 38.100.22.112/28 38.100.22.128/26 62.141.48.0/20 62.141.56.0/21 64.20.32.0/19 64.22.64.0/18 64.27.0.0/19 64.34.176.0/20 64.92.199.0/24 64.92.200.0/24 64.191.77.231 65.23.153.0/24 65.98.0.0/17 66.38.130.192/26 66.49.128.0/17 66.79.167.128/25 66.79.168.134/32 66.90.64.0/18 66.148.64.0/18 66.154.0.0/18 66.154.64.0/19 66.160.186.0/24 66.186.36.195 66.197.128.0/17 66.199.224.0/19 66.225.212.0/22 66.232.96.0/19 66.235.160.0/19 66.235.192.0/19 67.159.0.0/18 67.228.0.0/17 69.13.0.0/16 69.50.160.0/19 69.60.111.0/24 69.64.64.0/20 69.65.0.0/18 70.87.208.34 72.3.128.0/17 72.21.32.0/19 72.22.64.0/19 72.29.64.0/19 72.32.0.0/16 72.36.128.0/17 72.36.168.153/29 72.52.128.0/18 72.232.0.0/16 72.233.0.0/17 72.249.32.0/23 74.50.0.0/20 74.50.96.0/20 74.86.0.0/16 74.124.192.0/24 74.208.16.4 75.126.0.0/16 80.237.144.0/22 81.19.183.0/27 81.29.70.0/24 82.99.30.0/25 82.165.128.0/17 82.208.60.0/22 84.19.176.0/20 85.8.128.0/18 85.17.6.0/26 85.17.145.0/24 85.17.11.0/24 85.25.128.0/18 87.106.80.0/20 87.118.64.0/18 87.118.96.0/19 87.237.60.64/27 195.242.98.0/23 205.177.79.0/24 205.178.128.0/18 205.234.96.0/20 205.234.132.0/24 206.51.224.0/20 206.188.0.0/26 207.58.128.0/18 207.234.209.0/24 208.53.128.0/18 208.66.68.0/22 208.66.194.160/28 208.99.192.0/19 208.101.0.0/18 208.109.0.0/16 208.112.107.20 208.184.65.0/24 209.2.34.112/28 209.66.122.0/24 209.85.0.0/17 209.97.192.0/19 209.126.128.0/17 209.160.0.0/18 209.160.64.0/20 209.163.169.0/24 209.172.32.0/19 209.200.0.0/18 209.205.0.0/18 216.32.64.0/19 216.93.160.0/19 216.182.224.0/20 216.185.128.0/24 216.242.44.96 216.255.176.0/20 217.20.208.0/20 217.172.187.0/24
# Proxy servers and services
deny from 61.206.125.0/24 62.171.194.0/23 80.33.0.0/16 80.58.0.0/16 81.12.0.0/17 83.16.154.152/29 85.10.219.104/29 85.92.130.0/24 85.185.0.0/16 88.198.241.104/29 88.198.252.144/29 145.253.239.8/29 150.188.0.0/15 194.112.195.202 198.145.112.128/25 200.30.64.0/20 200.43.108.0/24 200.75.128.0/20 200.126.112.0/20 200.172.222.0/26 200.202.192.0/18 200.210.0.0/16 203.160.0.0/23
# Rackspace - Hackers, spammers, scammers and phishers
deny from 72.32.0.0/16
# ThePlanet.com and Everyones Internet; home of many spammers, hackers and trojan horses
deny from 64.5.32.0/19 64.246.0.0/18 67.15.0.0/16 67.18.0.0/15 69.93.0.0/16 70.84.0.0/14 74.52.0.0/15 74.54.0.0/16 75.125.0.0/16 207.44.128.0/17
deny from 209.249.86.
</Files>

# This prevents web browsers or spiders from seeing your .htaccess directives:
<Files .htaccess>
deny from all
</Files>

santapaws

12:22 am on Jan 5, 2008 (gmt 0)

10+ Year Member



Oops, I just realized the server serves a 403.shtml, so I need to change that line with the 403 to:

SetEnvIf Request_URI "^(/403\.shtml|/robots\.txt)$" allowsome

Is that right?

Thanks.
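Added example, not part of the original thread: a small Python model of how "Order Deny,Allow" combines with the SetEnvIf lines above, run against the client from the posted error-log line. The function names, the shortened deny list and the assumption that /home/public_html/403.shtml is served as /403.shtml are constructed for illustration; only the "from" forms used in the thread (partial IP, single IP, CIDR, env=) are handled.

```python
import ipaddress
import re

def host_matches(spec, ip):
    """Match one 'from' argument: partial IP ('209.249.86.'), single IP, or CIDR."""
    if spec.endswith("."):
        return ip.startswith(spec)
    return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)

def evaluate(ip, uri, setenvif, deny, allow):
    """Return True when 'Order Deny,Allow' lets the request through."""
    attrs = {"Remote_Addr": ip, "Request_URI": uri}
    env = {var for attr, pattern, var in setenvif if re.search(pattern, attrs[attr])}

    def hit(rules):
        return any(r[4:] in env if r.startswith("env=") else host_matches(r, ip)
                   for r in rules)

    # Deny,Allow: a Deny match blocks unless an Allow also matches; default is allow.
    return not hit(deny) or hit(allow)

def setenvif_rules(error_page):
    """SetEnvIf lines from the thread, with the 403 page path as a parameter."""
    return [
        ("Remote_Addr", r"^79\.125\.205\.72$", "getout"),
        ("Request_URI", r"^(" + re.escape(error_page) + r"|/robots\.txt)$", "allowsome"),
    ]

# Constructed subset of the thread's rules (the full deny list is omitted).
DENY = ["env=getout", "72.32.0.0/16", "209.249.86."]
ALLOW = ["env=allowsome"]
CLIENT = "209.249.86.17"   # client from the posted error-log line

def can_fetch(uri, error_page, ip=CLIENT):
    """Would this client be served uri when the pattern names error_page?"""
    return evaluate(ip, uri, setenvif_rules(error_page), DENY, ALLOW)

if __name__ == "__main__":
    for page in ("/403.htm", "/403.shtml"):
        print(f"pattern for {page}: /403.shtml ->", can_fetch("/403.shtml", page),
              "| /index.html ->", can_fetch("/index.html", page))
```

With the pattern written for /403.htm, the blocked client is also refused the /403.shtml error page, which is the "client denied by server configuration" entry in the log; with the pattern written for /403.shtml the error page is served while every other URL stays denied.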