Are server-requests possible with Deny from . country code?

Forum Moderators: phranque

Message Too Old, No Replies

Are server-requests possible with Deny from . country code?

deny from

john1000

9:38 pm on Apr 26, 2006 (gmt 0)

Hi,

The question is simple :
Are server-requests possible with Deny from . country code?

What i mean is,unfortunately some countries aren't behaving and need to be blocked.
So ,if i ad deny from .br would that block any requests coming from the country .br to my server?

I have my doubts about that.
cause after i added it my 404 error page still registered requests to an non existing page..

Any thoughts?

jdMorgan

11:14 pm on Apr 26, 2006 (gmt 0)

You can use mod_setenvif to test the Remote_Host, and then set a server variable. This server variable can then be tested by mod_access. See the docs for those two modules.

Be aware that looking up the remote host invokes a reverse-DNS request *from* your server to the DNS system. The current client request cannot proceed until this DNS request is completed. Therefore, checking remote hosts can have a severe impact on the user experience and reliability of a busy site. You should limit the scope of the reverse-DNS checks if possible, so that they are only done for certain critical pages or types of pages. This limiting can be done by enclosing the SetEnvIf directive in a <Files> or <Limit> container in .htaccess or in any valid container in httpd.conf.

Note also that if you are on a shared host, you may not be allowed to do reverse-DNS lookups, because of the previously-mentioned performance impact.

Jim

john1000

11:24 pm on Apr 26, 2006 (gmt 0)

Hello Jim,

Thanks....but how do i limit any if the requests are towards so many pages?

And if my htaccess is already full with rewrite rules,do i still need the <limit> container?

Cause basically no it looks like :

ip's.....
#*$!.xxx.xxx.xxx
xxx.xxx.xxx.xxx
xxx.xxx.xxx.xxx
deny from .br

Or is this wrong?