httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Smith <joshuasm...@scbwi.org>
Subject [users@httpd] Deny <ip address> didn't work
Date Mon, 04 May 2015 23:33:06 GMT
Hi,



I tried both of the following methods to block an ip address, but neither
worked.  In .htaccess, I put:



Order Deny,Allow

Deny from 123.123.123.123



and



RewriteCond %{REMOTE_ADDR} ^123.123.123.123

RewriteRule .* /maintenance.html [R=503,L]



(I do have the mod_rewrite module installed)



In both cases, I put the rules at the top of the file so that it would be
the first rules executed.



After each one, i did an apachectl stop, then apachectl start.



In both cases, when i monitored my site with the 'server-status' module,
the ip address was still there, with sometimes more than 30 requests, and
all for the same page, which was ..../login.php.  And it continued to be
there for the next 30 minutes until it just dropped off, but i was doing
nothing to stop it at that point.



This method of blocking has worked for me in the past.



Is it possible for someone (ie a hacker…) to bypass my blocking method(s)?
Or is there something more I need to do?



Thank you,

Josh

Mime
View raw message