I'm testing a proprietary script that works similar to the script Trap.pl that you gave (but with a ton more features that I really needed) What I'd like to do is see if I can get both scripts to work together.
Here's the issue, I need to have the following code in htaccess in order for trap.pl to work:
<Files ~ "^.*$">
order allow,deny
allow from all
deny from env=ban
</Files>
Now what the proprietary script I have does is add the following code:
<Limit GET POST >
order allow,deny
allow from all
deny from blah blah blah
</Limit>
So both these codes end up in the htaccess file. For the proprietary script, whenever it finds a bad acting bot or crawler it adds a new "Deny from" line with the offending IP.
Ive noticed that one code tends to cancel out the other. Im trying to see if its possible to either merge the code or set it up so they dont cancel each other out.
As an alternative solution, Ive tried to move the trap.pl script to my main subdirectory called MPN, and leave the proprietary at the root. The result is whenever a ban takes place at the root directory, the offender still has access to the MPN directory because the htaccess file there acts separately from the root htaccess.
I guess I want to bake my cake and eat it too. As it stands I can use one or the other but not both.
Is there a solution? Appreciate any help!
Other than that, the only solution I can see is to limit your site to one .htaccess file placed in the root directory.
Did I understand you correctly when your suggestion was to consolidate all the htaccess files into one htaccess file in the root directory? That seems to make sense, since the htaccess file in the root works independently from the trap.pl generated htaccess in the subdirectory. Thats why even if your banned in the root, it doesnt reflect that in the trapl.pl subdirectory a well.
I think the solution would be to have trap.pl (when executed) read the htaccess file in the root directory, and whatever ip address that has been banned would be added to its own htaccess file. if Im right let me know, maybe i can get started on finding a solution.
AFAIK, .htaccess effects are recursive (atleast when using <Files ~>), meaning that if you put a .htaccess file in /home/blah/public_html then /home/blah/public_html/mpn is also covered.
You say that one of the code sets in cancelling the other out. The answer here is simple, just remove the two lines:
order allow,deny
allow from all
from the set which is processed second (either below it in the .htaccess or in a subdirectory)
It's basically the 'allow from all' that will be cancelling out the other script (or, in other terms, anything processed before it).
Hope that helps
Allen
