Welcome to WebmasterWorld Guest from 34.204.36.101

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

Bad bot script causing Apache to crash

Don't understand my host's explanation

     
3:00 pm on Aug 19, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Oct 23, 2002
posts:66
votes: 0


I've been using the modified bad bot script posted here:
[webmasterworld.com ]

Since initially implementing this script on my site I've had to relocate to different servers 3 times. On the first server the script worked exactly as explained in the posts (different host than I have now). On the second server it didn't seem to work at all but I was so immersed in other problems that I didn't have time to look into it. On this last server relocation suddenly the script seemed to start working again - but I hadn't tested it yet.

When the bad bot gets caught the script writes the following line at the top of the htaccess script (example):
SetEnvIf Remote_Addr ^66\.xxx\.xxx\.xx$ getout # Fri Aug 1 09:23:36 2003 Mozilla/4.0 (compatible; MSIE 5.0; Windows NT)

I'm on a shared hosting account. I just received an email from my host...

"We have found one of the issues with apache crashing is due to some line end comments you had in your .htaccess file. This was causing apache to crash for one reason or another and also filling up the logs fast."

My host then edited the top of my htaccess file to look like this:
SetEnvIf Remote_Addr ^66\.xxx\.xxx\.xx$ getout

... and also said: "We needed to remove the '#' character and everything after it ... Please do not add this back"

Here are my questions:
--Is my host right about the line generated by this script causing apache to crash?
--Can someone help me understand how the comment line could have caused/contributed to the problem? (I'm very skeptical about his explanation but I just don't understand this stuff unfortunately).
--If he IS right then won't the problem continue the next time the script writes a new bad bot line to the top of my htaccess?

It would seem a more likely explanation that I somehow messed up my own htaccess or the script rather than blame it on the script itself. But considering my ignorance I don't know what to look for. Can anyone help me figure this out? I'm grateful for any assistance.

3:37 pm on Aug 19, 2003 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 11, 2003
posts:495
votes: 0


The docs say not to add comments after an htaccess directive like you were doing. Comments are supposed to be placed on separate lines. If your host is saying it is crashing the server, then just accept it and don't add them there. Your server is apparently having problems parsing the line and separating the directive from the comment.
3:25 am on Aug 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


BusyNut,

Change the third line of the script snippet as shown below. This prints the date and user agent in a stand-alone comment line first, and then prints the SetEnvIf directive on the next line. This should eliminate your problem.


# Empty existing .htaccess file, then write new IP ban line and
# previous contents to it
truncate(HTACCESS,0);
print HTACCESS ("\# $date $usragnt\nSetEnvIf Remote_Addr \^$remaddr\$ getout\n");
print HTACCESS (@contents);

Your server was probably set up to generate warnings if comments followed .htaccess directives, and those warnings may have been filling up your error log.

HTH,
Jim

2:58 pm on Aug 20, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Oct 23, 2002
posts:66
votes: 0


Thank you BlueSky and Jim. I'm always grateful for the help offered here. :)
4:47 pm on Aug 20, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


BusyNut,

Because of this problem, jatar_k has been kind enough to add the script correction to the thread cited above, modified "bad-bot" script blocks site downloads at [webmasterworld.com...]

Thanks, jatar_k!
Jim