Welcome to WebmasterWorld Guest from 54.145.208.64

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Why htaccess is not bloking unwanted ips?

   
5:17 am on Dec 23, 2012 (gmt 0)



I'm trying to block(aren't we all xD) unfriendly "visitors" from accessing my friends website through cPanel IP Deny Manager. Somehow, this doesn't seem to have effect since I frequently see the blocked ips popping in visitors list.

Can anybody please tell me what's wrongly defined in the .htaccess file below? Thanks in advance for all your help.


<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 178.175.24.0/21
deny from 124.114.0.0/15
deny from 119.147.75.0/24
deny from 119.147.6.60
deny from 216.38.216.101
deny from 195.222.96.0/22
deny from 94.75.245.0/24
deny from 91.224.160.0/23
deny from 194.247.12.8
deny from 194.247.12.0/23
deny from 124.121.192.
deny from 208.91.198.0/23
deny from 212.40.96.0/21
deny from 212.40.104.0/22
deny from 82.114.76.192/29
deny from 46.19.224.128/26
deny from 200.160.238.161
deny from 94.139.160.0/22
deny from 109.124.98.248/29
deny from 185.2.12.0/23
deny from 77.245.144.0/20
deny from 216.14.112.0/20
deny from 87.236.209.0/24
deny from 86.109.112.0/24
deny from 37.130.227.133
deny from 199.48.147.36
deny from 188.143.233.0/24
deny from 74.217.0.0/16
deny from 208.48.224.0/19
deny from 208.49.0.0/16
deny from 208.50.0.0/17
deny from 64.124.0.0/15
deny from 173.255.192.0/18
deny from 96.8.112.0/20
deny from 77.245.149.21
deny from 177.85.97.13
5:37 am on Dec 23, 2012 (gmt 0)

WebmasterWorld Administrator 5+ Year Member Top Contributors Of The Month



The same way you have enclosed the directive for your 403 page, you need to tell the server what files or folders you want to "deny from". The deny, allow order matters too.
6:27 am on Dec 23, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



unfriendly "visitors" from accessing my friends website through cPanel IP Deny Manager.


This is a bad method of modifying access and/or htaccess.
The methods used by cPanel are beyond you control and may not be manageable. Even syntax errors are likely.

As you have seen, and as not2easy has advised you.

You need to create your own htaccess.
6:37 am on Dec 23, 2012 (gmt 0)



Thanks for your reply not2easy, :)

I understand what you say and it is certainly true, but as a wannabe admin(I really do it just to help out for free) I don't know how.

Would appreciate very much a scrap of code that demonstrates your advice as 403 directive was, I think, generated either by cPanel or isp or maybe it's some Apache default.
6:50 am on Dec 23, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



A scrap is all your going to get.
The purpose and function of this forum is so webmasters learn so to create their own solutions. Please read the forum charter

There should be examples of this in the forum library these types of lines are the simplest of htaccess commands.

order deny,allow
deny from 178.175.24.0/21
deny from all
deny from env=desired phrase
6:50 am on Dec 23, 2012 (gmt 0)



BTW, I've tried this online htaccess checker [lyxx.com] but it found nothing amiss. o_O
6:56 am on Dec 23, 2012 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



The same way you have enclosed the directive for your 403 page, you need to tell the server what files or folders you want to "deny from".

By default, directives apply to anything that isn't inside a Files or FilesMatch envelope. Generally that's what you want. Many people also make an exemption for robots.txt.

There should be an Order directive to go with the loose Deny from... directives. If you don't say, apache [httpd.apache.org] uses its default, which is Deny,Allow. This doesn't make a difference in your htaccess as quoted. But if you include the boilerplate line
Allow from all
the lack of an explicit Order... directive becomes catastrophic.

Order Allow,Deny
Allow from all
Deny from {long list here}
= allow from everyone except the ones on your Deny list.

Order Deny,Allow
Allow from all
Deny from {long list here}
= Allow from all

It does not matter if your "Allow from" lines come before or after the "Deny from" lines or if they are all garbled together. The only thing that matters is the "Order..." directive
7:32 am on Dec 23, 2012 (gmt 0)



Thanks lucy24 & all, :)

I am trying something like this:

order allow,deny
deny from 192.168.
deny from 10.0.0.
allow from all

below 403 directive. I'm curious if cPanel will muddle it next time I try to block new intruders(sigh).
7:33 am on Dec 23, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



BTW, I've tried this online htaccess checker


WORTHLESS!

I copied eleven lines from a portion of mod-rewrite and it flagged nine as errors, and without providing any explanation of the error codes, unless you count their $150-per-incident offer.
7:41 am on Dec 23, 2012 (gmt 0)



WORTHLESS!

I copied eleven lines from a portion of mod-rewrite and it flagged nine as errors, and without providing any explanation of the error codes, unless you count their $150-per-incident offer.


So it seems... Wilderness, can you, by any chance, recommend to a newbie a reliable(free) online htaccess checker if there is one in existance, please?
8:10 am on Dec 23, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



can you, by any chance, recommend


Not aware of any such tool that exists.

However, and if one existed, it's against the forum charter to post a link to one.
9:09 am on Dec 23, 2012 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



Picking apart htaccess files is what's what this forum is for. Not blanket line-by-line checking. But

"I want my htaccess to do such-and-such:
{ explanation in English }
Here's what I've come up with so far:
{ sample of the relevant snippet of code, not a complete dump of the whole thing }
But it doesn't do such-and-such, instead it:
{ does thus-and-so | gives everyone a 500 error | doesn't seem to have any effect at all }
or
It does such-and-such, but it also does this-and-that which I didn't want it to do."
10:19 am on Dec 23, 2012 (gmt 0)



Not aware of any such tool that exists.

However, and if one existed, it's against the forum charter to post a link to one.


Wonder why is it difficult to write one? As for this rule, well, for sure, if one existed, it would be on topic and useful to the inexperienced.

@Lucy24

Of course you are right. I was looking for a quick-fix solution for this problem as it is becoming chronic and I really have no time to delve into Apache configuration subtleties.When my friend gets better(financially) I'll recommend that he hires a pro. I'm a designer.


Thank you for your help, much obliged. :)
6:09 pm on Dec 23, 2012 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Wonder why is it difficult to write one?

Because there's no way it could know what you wanted the code to actually do.

Once you get more proficient with htaccess you'll spot errors more easily. The only way is to learn. And remember this: the more mistakes you make, the more you learn.