htaccess to ban ips
 

Does anyone have the proper code for banning ips from your website using htaccess, which gives them a 403 page? I want to ban full ips and ip blocks both, anyone know this htaccess code? Also need code that will block all folders and pages, kinda like a /home/username/www/* any folders and folders below in the web root from that ip seeing any of the website.

Thanks for your help in advance.


BrentD

mod_rewrite
good luck, it's pretty tricky to get the hang of, if you know perl regex's you should be good, otherwise you might be boned. However, mod_rewrite is the way to go.

Make sure the ban IP list is reliable to if ya get one from another party:thumbsup

Well I am trying to use this on a windows server running asp as the website but its not working:


<Limit GET>
order allow,deny
deny from 195.47.23.26
allow from all
ErrorDocument 404 /banned.html
</Limit>


Any suggestions?

Not sure if iis even supports .htaccess ( i don't think it does) you could put it in the Session_onStart event, or load it from a file on the application's onStart event. if you can't find anything, hit me up and i can come up with something for you for a nice, reasonable price.

.htaccess and .htpassword only work on Apache Serveur/UNIX

is there a way to use htaccess to your advantage when you got 400 lines of code in it? =/

all the rewrite code hogs up all the memory - anyway to go around that?

Before enabling .htaccess files, consider the advantages and disadvanteges. On servers I run myself, with no users, I tend to use .htaccess files for testing and debugging, and when I have a configuration I like, I move the directives into a <Directory> container in the httpd.conf file and delete the .htaccess file. For this reason, I have overrides enabled just about everywhere. This allows me to balance the convenience of .htaccess files against their performance impact.

On some of my servers I have some user accounts for people I know and trust, and in those environments I'm more cautious and don't allow all overrides globally. I do tend to allow whatever overrides my friends need for their own directories, though.

And in some cases I have real 'user' accounts, for people I do not know as well -- and on those servers AllowOverride None is the rule. I occasionally allow .htaccess files in their private directories, but I carefully audit the possible effects before granting an override category.

The two main disadvantages to using .htaccess are the performance impact and the extending of control access to others. The first is somewhat manageable through the judicious use of the AllowOverride directive, and the latter is a matter of establishing trust -- and performing risk assessment. What mix works best in your environment is something you'll need to determine for yourself.

For Apache 1.3

CGI scripts are essentially not buffered. Every time your script does a "flush" to output data, that data gets relayed on to the client.

Some scripting languages, for example Perl, have their own buffering for output - this can be disabled by setting the $| special variable to 1. Of course this does increase the overall number of packets being transmitted, which can result in a sense of slowness for the end user.