httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reese <howel...@inkworkswell.com>
Subject Re: [users@httpd] How to block IP addresses to the whole server?
Date Tue, 16 Mar 2010 16:48:35 GMT
On 16-Mar-10 10:31, Je suis la poubelle wrote:
>      Thanks to all for your replies.  For the record, <location> is
> the best option for me.  This is the solution I use:
> 
> edit /etc/apache2/httpd.conf to add the following section:
> <Location />
>   Order Allow,Deny
>   Deny from xx.xx.xx.xx
>   Deny from xx.xx.xx.xx
>   Allow from all
> </Location>

That works, but if you add only the necessary parts of that to your
.htaccess file, it is more dynamic. That is, you don't have to restart
your HTTP server after each change.
ex. add:

   Order Allow,Deny
   Deny from xx.xx.xx.xx
   Deny from xxx.xx.xxx.xx
   Deny from xx.xxx.
   Allow from all

to the .htaccess file in the root of your publicly-accessible pages
and the changes go into effect on save, not when you restart Apache.

Note that you can also block whole subnets, not just individual
IP addresses.

Reese

>      There is nevertheless one thing I would like to do, but I'm
> afraid I'm too demanding :p
> 
>      Reply to forbidden IP addresses is a page full of informations:
> Linux distro and version, Apache version, PHP version and all the
> module versions.  Possible to prevent them from being shown?



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message