...

View Full Version : .htaccess and ip banning (and hello)



Mario_AU
02-13-2008, 12:21 PM
hi everyone,

i think i may have just found the definitive forums for my webmastering needs. :thumbsup:

i'm a fast and willing learner and if full/correct instructions are given can follow them to a tea. :rolleyes:


now then - i'm messing around with the magic of .htaccess and am coming to grips with it just dandy. i am up to here (http://www.javascriptkit.com/howto/htaccess5.shtml) atm. i can ban users just fine so i'm happy. not that i need/want to. anyway i'd like to know if it is possible to ban a user using his ip for a specific directory only? as i tried now i can ban from the whole site only. i did place the .htaccess file into a directory i wanted to ban myself from but could still see it. so is this a case of you either ban the whole site or nothing ?

and as a side note, regarding the complete ban, when i tested that, it worked just fine, and got this error:

Forbidden

You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

1.) what number error is this ? (i'd like to use my own, as i have already customized 401, 403* and 404)

2.) what's the problem it has with the 403 error ? could it be because i customized my 403 and as it tries to display it, it can not, since the html file is under /assets/html/403.html, and thus since the whole site is banned/blocked the user can not access it. sort of a catch 22 ???


ok, then thanks.
awaiting your swift reply!!!

ps: credit to the writer of the tutorial i'm referring to. :thumbsup:



ps: does the .htaccess file have a syntax like other config files that you can rem lines out ? like for other files you may have: "rem" or "#" or ";" because i'd like to leave some stuff in there but have it disabled. make sense what i just asked ??


pps: regarding this (http://www.javascriptkit.com/howto/htaccess11.shtml), i have done the last part, and both files are in upper case, and they both disappear after i upload them to site with ftp. when i go to the specific directory i can see the contents all right, but i see no top or bottom text (ie: the contents of either HEADER or README)



* 403 works but i think i need to redo it as it's not exactly kosher. more on that later.

Apostropartheid
02-13-2008, 10:16 PM
It's a 403 Forbidden. It even SAYS.

Indeed, if you banned them completely, the document cannot be served up because of the restrictions on your webserver.

Mario_AU
02-13-2008, 10:20 PM
anyway i'd like to know if it is possible to ban a user using his ip for a specific directory only?


ps: does the .htaccess file have a syntax like other config files that you can rem lines out ? like for other files you may have: "rem" or "#" or ";" because i'd like to leave some stuff in there but have it disabled. make sense what i just asked ??


pps: regarding this (http://www.javascriptkit.com/howto/htaccess11.shtml), i have done the last part, and both files are in upper case, and they both disappear after i upload them to site with ftp. when i go to the specific directory i can see the contents all right, but i see no top or bottom text (ie: the contents of either HEADER or README)



what about these 3 ??? plz

Mario_AU
02-14-2008, 10:14 PM
do you all have ===> set user{Mario_AU}./ignore ????
and time is ok, but i see the "dreaded", generic "i need help" getting several replies ...from senior coders... hmmm. like judge judy would say, "OUTRAGEOUS".

jlhaslip
02-15-2008, 04:41 AM
http://tools.dynamicdrive.com/userban/



## USER IP BANNING
<Limit GET POST>
order deny, allow
deny from all.
allow from xxx.xxx.xxx.xxx
</Limit>

## PREVENT VIEWING OF .HTACCESS
<Files .htaccess>
order allow,deny
deny from all
</Files>
Might work...

outseeker
02-16-2008, 07:01 AM
Do you have access to the httpd.conf to add Virtual Servers? Or is it only the owner who can do that? I have subdomains happening, I added the following to the httpd.conf:


<VirtualHost *:80>
ServerAdmin you@email.com
DocumentRoot /wwwroot
ServerName www.server.com
ServerAlias www.server.com
RewriteEngine On
RewriteOptions Inherit
</VirtualHost>
<VirtualHost *:80>
ServerAdmin you@email.com
DocumentRoot /wwwroot/subdomain
ServerName subdomain.server.com
RewriteEngine On
RewriteOptions Inherit
ErrorDocument 404 "/index.php"
</VirtualHost>

Then I have the following in the .htaccess files of both main root and subdomain root directories):

For the main root's .htaccess:

<Limit GET PUT POST>
order allow,deny
allow from all
</Limit>
RewriteEngine on
RewriteBase /

For the subdomain's .htaccess:

<Limit GET PUT POST>
order allow,deny
allow from all
</Limit>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^subdomain.server.com$ [NC]

That works. If you try to access your subdomain and get no response whatsoever, your not configured for dns wildcards.

Mario_AU
02-16-2008, 07:12 AM
Do you have access to the httpd.conf to add Virtual Servers? Or is it only the owner who can do that?

no i don't... :(
westnet is my host....


but my question is rather regarding the .htaccess file itself, which i can modify. i did clearly state that i CAN ban a user from my site using the .htaccess option. i tried it, works just fine.

i was just curious if using the .htaccess file (not by any other means) it would be possible to ban someone from a SPECIFIC directory rather then the COMPLETE site. that's all.


also what's wrong with my HEADER/README code ??? i'd like to display a message in one of my directories that has VDL on. :confused:

outseeker
02-17-2008, 11:42 AM
i was just curious if using the .htaccess file (not by any other means) it would be possible to ban someone from a SPECIFIC directory rather then the COMPLETE site. that's all.


Yes Mario. Whatever directory you want to ban specific people from, just put an .htaccess file in that directory.


<Limit GET PUT POST>
order allow,deny
allow from all
deny from 212.212.212.212
#this is how yoo comment in .htaccess by the way Mario.
</Limit>

Just use deny from whatever IP you wanna ban from that directory. As for your PPS, what are you tryin' to do? cbf following the link, readn whatever, downloading etc. What you want help with there?

Mario_AU
02-17-2008, 12:05 PM
thanks,


well at the moment when you got to: http://www.taxi583.com/temp/ you see this:



Index of /temp

http://www.taxi583.com/icons/blank.gif Name (http://www.taxi583.com/temp/?C=N;O=D) Last modified (http://www.taxi583.com/temp/?C=M;O=A) Size (http://www.taxi583.com/temp/?C=S;O=A) Description (http://www.taxi583.com/temp/?C=D;O=A)http://www.taxi583.com/icons/back.gif Parent Directory (http://www.taxi583.com/) -
Apache Server at www.taxi583.com (http://www.taxi583.com) Port 80

what you don't see is that there ARE two notepad text files in there called HEADER and README and they contain:

hello from the top
hello again from the bottom
respectively.

so shouldn't i get something like:



hello from the top
Index of /temp

http://www.taxi583.com/icons/blank.gif Name (http://www.taxi583.com/temp/?C=N;O=D) Last modified (http://www.taxi583.com/temp/?C=M;O=A) Size (http://www.taxi583.com/temp/?C=S;O=A) Description (http://www.taxi583.com/temp/?C=D;O=A)http://www.taxi583.com/icons/back.gif Parent Directory (http://www.taxi583.com/) - Apache Server at www.taxi583.com (http://www.taxi583.com) Port 80
hello again from the bottom
Apache Server at www.taxi583.com (http://www.taxi583.com/) Port 80
or similar ??? that's what i want. i want to say some crap at the top and something at the bottom too.


oh and the .htaccess file is:


## USER IP BANNING
<Limit GET POST>
order allow,deny
#deny from 150.101.147.119
allow from all
</Limit>

options +indexes
that was the ip i was testing on myself, now commented out.. ;-)

outseeker
02-17-2008, 10:51 PM
I can't see those files if I put their address in the bar.. http://www.taxi583.com/temp/header or http://www.taxi583.com/temp/readme both return 404 errors.

Add this to your .htaccess for custom header etc.


HeaderName HEADER.html
ReadmeName FOOTER.html

That will display those files before and after your indexes ;) (FIGJAM)

You can also add FancyIndexing to your options +indexes to make the indexes more fancy. This allows you to sort by clicking on the top of a column, etc. The docs I read give HEADER.html and FOOTER.html as an example, I am sure they don't neccessarily need an extension of .html by the way.

Mario_AU
02-18-2008, 01:13 AM
that was it thanks,,,



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum