Forum Moderators: phranque
i want to ban certain IPs with my .htaccess and to show a short comment with explanations written inside my htaccess, pls how to write this comment at the bottom of my htaccess?!?
order allow,deny
deny from 204.****.****.****
deny from 202.xxx.xxx.xxx
allow from all
I think you may be looking for the ErrorDocument [httpd.apache.org] directive. You could use the form: ErrorDocument 403 "Go away
Jim
i already have error document (401, 403, etc) on my htaccess
i'd like to show a short comment instead of 403 etc..to banned IPs and thought may be better to write it down directly to my htaccess, or if nopt possible to redirect to a specific page (notice.htm)
If you already have a custom 403 error document, then that is what will be served to "blocked" IP addresses. If you want to serve something else, you have at least two choices:
1) Redirect those IPs to another page rather than blocking them. But this results in a 200-OK response, not a 403.
2) Use a script to generate your error response. The script replaces your current custom error document. Inside the script, select the appropriate message to return, depending on the IP address, user-agent, etc.
My advice is to keep things simple, and not worry about "special messages." In many if not most cases, intruders on your site are automated, and no-one will ever read those messages. The robots simply see the 403-Forbidden response and move on to the next site. If the intruders are human rather than robotic, then they may enjoy the extra attention they are getting, and keep coming back. So I advise returning a standard error message and spending your time developing more or better content, instead of playing hide-and-seek with unwelcome guests. This is just my opinion, and yours may differ... :)
Jim
i'll go as per your suggestion.
thank you very much
so to redirect 'em to 403 i do not have to add anything at the end as i already have the following at the top of my htaccess?!?
ErrorDocument 401 /401.php
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php
Use the aloow/deny code you posted in your first post, plus your ErrorDocument directives. Then modify your 403.php file to serve "special" content to those IP addresses.
I encourage you to experiement with this stuff -- then *you* will be the expert on php Apache error handling around here! :)
Jim
thanks a lot
tito
> any chance that i will definively lock out myself?
.htaccess only applies to HTTP requests. Even if you block your own IP address with .htaccess, this will not prevent you from accessing your server using FTP.
Jim
i've tested it and it works but instead of being directed to my custom 403 i get a kind of 'generic' one
telling:
---
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
---
there's some error by using the ErrorDocument, i have tested the 404 and 401 and both are properly working, but the 403 got this error.
actually my htaccess is as follows:
ErrorDocument 401 /401.php
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
ErrorDocument 500 /500.php
order allow,deny
# blah, blah, some notes..
deny from 61.xx
deny from 61.xx
deny from 61.xx
deny from 61.xx
# blah, blah, some notes..
allow from all
i'm on Apache/1.3.20 Sun Cobalt(Unix)
maybe my server requires another way to write the htaccess?!? is that possible?!?
Because of this, those IPs are denied access to your custom 403 page. So, you get a second 403 error, and the message in the standard 403 response describes what happened.
Here's one way to do it:
SetEnvIf Request_URI "(403\.php¦robots\.txt)$" allowit
#
Order Deny,Allow
Deny from 10.10.0.0
Deny from 192.168.0.255
Allow from env=allowit
Jim
