How do I block access to my site based on certain conditions?
You can block access to your site in a variety of different ways: by ip, file, or using any number of environment variables.
Block based on IP
To block certain IP addresses from accessing your site, use a Deny directive in an .htaccess file.
Apache's documentation explains how to do this:
For example, if you put the following .htaccess file in a directory, then it would operate on all directories beneath it:
Deny from 192.168.72.2
Deny From 192.168.55
The 1st Deny directive would block the exact IP address 192.168.72.2. The 2nd Deny directive would block all IP addresses fitting the pattern 192.168.55, including 192.168.55.1, 192.168.55.2, 192.168.55.254, etc.
Block access to a specific file
if you have a file underneath your DocumentRoot (accessible to a browser) that you do not want anyone to be able to view in a browser, you can block access to it with a Files directive in an .htaccess file. The .htaccess file will affect all subdirectories below the one in which the .htaccess file resides.
Deny from all
will deny access to any file that looks like "somefile.ext".
Please see the Apache documentation on the Files directive here.
Using environment variables
The Deny directive used above to deny specific IP ranges is also useful in conjunction with any number environment variables. Take a look at the example from this applicable article:
# Known mail harvesters
SetEnvIf User-Agent EmailCollector BAD_BOT
SetEnvIf User-Agent CherryPicker BAD_BOT
# Code Red and Nimda
SetEnvIf Request_URI ^/default.ida BAD_BOT=worm
SetEnvIf Request_URI root.exe BAD_BOT=worm
# Referrer spam
SetEnvIfNoCase Referer ^http://(www.)?xopy.com BAD_BOT=spammer
SetEnvIfNoCase Referer ^http://(www.)?aizzo.com BAD_BOT=spammer
# Bad bot, no cookie!
Allow from all
Deny from env=BAD_BOT
These rules are also written in a .htaccess and will affect that directory and all sub-directories below it.
21310/0%Last update: 2010-11-17 15:42
Author: FAQ Admin
You can comment this FAQ