httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard <lists-apa...@listmail.innovate.net>
Subject Re: [users@httpd] Deny <ip address> didn't work
Date Tue, 05 May 2015 03:26:46 GMT
Also "allow/deny" (or the 2.4 equiv) directives only control whether
the server delivers the content, not whether the client can request
an item from the server. I.e., the indication of successful blocking
will be the response code changing from 200 to 403, but you'll still
likely see hits. If you want to block the client from hitting the
server you'd probably need to use firewall settings.

With your rewrite attempt, did you include a statement turning the
rewrite engine on? 


------------ Original Message ------------
> Date: Monday, May 04, 2015 09:36:50 PM -0400
> From: Yehuda Katz <yehuda@ymkatz.net>
>
> What version of Apache are you using?
> Apache 2.4 changed the access control directives unless you
> specifically enable the old style:
> http://httpd.apache.org/docs/2.4/upgrading.html#access
> 
> Also, make sure you have the correct AllowOverride statements.
> 
> - Y
> 
> On Mon, May 4, 2015 at 7:33 PM, Joshua Smith
> <joshuasmith@scbwi.org> wrote:
> 
>> Hi,
>> 
>> I tried both of the following methods to block an ip address, but
>> neither worked.  In .htaccess, I put:
>> 
>> Order Deny,Allow
>> Deny from 123.123.123.123
>>  
>> and
>>
>> RewriteCond %{REMOTE_ADDR} ^123.123.123.123
>> RewriteRule .* /maintenance.html [R=503,L]
>> 
>> (I do have the mod_rewrite module installed)
>> 
>> In both cases, I put the rules at the top of the file so that it
>> would be the first rules executed.
>> 
>> After each one, i did an apachectl stop, then apachectl start.
>> 
>> In both cases, when i monitored my site with the 'server-status'
>> module, the ip address was still there, with sometimes more than
>> 30 requests, and all for the same page, which was ..../login.php.
>> And it continued to be there for the next 30 minutes until it
>> just dropped off, but i was doing nothing to stop it at that
>> point.
>> 
>> This method of blocking has worked for me in the past.
>> 
>> Is it possible for someone (ie a hacker…) to bypass my blocking
>> method(s)?  Or is there something more I need to do?
>> 
>> Thank you,
>> Josh
>> 
------------ End Original Message ------------



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message