Is my htaccess is structured properly and syntax correct?


Mike Harrison
08-13-2009, 01:21 PM
I've been using htaccess for a couple of years on the site I built myself. I'm not by any means a 'real' webmaster, with deep knowledge and understanding; only someone dangerous enough to get a site online. The htaccess file I'd been using until recently contained only some redirects, and was working.

But I now need to deny access to my site from a long list of ip addresses (hackers from other countries, I'm told). I've put the ip addresses in, using 'order deny,allow' but some of the ip addresses on the deny list are still able to get through, but I can't figure out why. (The list of code was edited due to excessive length.)

order deny,allow
deny from 58.14.0.0/15
(LIST EDITED HERE)
deny from 222.251.128.0/17
deny from baidu.com
deny from gutzwiller.ch
deny from 163data.com.cn
allow from all

<Files .htaccess>
deny from all
</Files>

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} websextreff\.info [NC,OR]
RewriteCond %{HTTP_REFERER} apnic\.net
RewriteCond %{HTTP_REFERER} ns.chinanet.cn\.net
RewriteCond %{HTTP_REFERER} cndata\.com
RewriteCond %{HTTP_REFERER} gddc\.com.cn
RewriteCond %{HTTP_REFERER} public.xa.sn\.cn
RewriteRule .* - [F]

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mywebsite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_HOST} !^www\.mywebsite\.com
RewriteRule (.*) http://www.mywebsite.com/$1 [R=301,L]

Redirect 301 /pageone.htm http://www.mywebsite.com/newpageone.htm
Redirect 301 /pagetwo.htm http://www.mywebsite.com/newpagetwo.htm
Redirect 301 /pagethree.htm http://www.mywebsite.com/newpagethree.htm
Redirect 301 /pagefour.htm http://www.mywebsite.com/newpagefour.htm
Redirect 301 /pagefive.htm http://www.mywebsite.com/newpagefive.htm
Redirect 301 /pagesix.htm http://www.mywebsite.com/newpagesix.htm
Redirect 301 /pageseven.htm http://www.mywebsite.com/newpageseven.htm
Redirect 301 /pageeight.htm http://www.mywebsite.com/newpageeight.htm
Redirect 301 /pagenine.htm http://www.mywebsite.com/newpagenine.htm
Redirect 301 /pageten.htm http://www.mywebsite.com/newpageten.htm

# ----- REALMMAN END -----


NOTE: In my code are several individual ip addresses along with the blocks that should include them. Those individual ip addresses are the ones that were still able to get through. I also added a few individual domain names at the end of the list (seen above), hoping that would work.

I just want to make sure what I have here is in the correct syntax and in the correct order. I've run the code through a free online htaccess syntax validator http://www.lyxx.com/freestuff/002.html and it claims everything is OK, but those pesky ip addresses are still getting through.

If anyone would like to see the unedited code, please let me know (and tell me how to attach it here or send it to you). I appreciate any help anyone can offer.

Thanks.
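
An added example, not part of the original thread: a small Python model of how Apache 2.2 evaluates `Order`/`Allow`/`Deny`, run over the two CIDR blocks shown in the post. With `order deny,allow` the Allow lines are evaluated last, so `allow from all` overrides every `deny from` line; the client addresses and the two alternative configurations are constructed for illustration, and hostname entries (which need reverse DNS) are not modelled.

```python
import ipaddress

def parse(config):
    """Collect the Order argument and the Allow/Deny specs from a config."""
    order, rules = "deny,allow", {"allow": [], "deny": []}  # Apache's default order
    for line in config.splitlines():
        words = line.lower().split()
        if len(words) == 2 and words[0] == "order":
            order = words[1]
        elif len(words) == 3 and words[0] in rules and words[1] == "from":
            rules[words[0]].append(words[2])
    return order, rules["allow"], rules["deny"]

def matches(ip, spec):
    if spec == "all":
        return True
    try:
        return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)
    except ValueError:
        return False  # hostname spec: needs reverse DNS, not modelled here

def allowed(config, ip):
    order, allow, deny = parse(config)
    hit_allow = any(matches(ip, s) for s in allow)
    hit_deny = any(matches(ip, s) for s in deny)
    if order == "deny,allow":
        # Deny is evaluated first, Allow last; unmatched clients are allowed.
        return hit_allow or not hit_deny
    # "allow,deny": Allow first, Deny last; unmatched clients are denied.
    return hit_allow and not hit_deny

# The structure from the post: every client matches "allow from all".
POSTED = """order deny,allow
deny from 58.14.0.0/15
deny from 222.251.128.0/17
allow from all"""

# Constructed alternative 1: allow everyone, then let Deny have the last word.
REORDERED = """order allow,deny
allow from all
deny from 58.14.0.0/15
deny from 222.251.128.0/17"""

# Constructed alternative 2: keep deny,allow but drop the catch-all Allow.
NO_ALLOW = """order deny,allow
deny from 58.14.0.0/15
deny from 222.251.128.0/17"""

if __name__ == "__main__":
    for name, cfg in (("posted", POSTED), ("reordered", REORDERED), ("no_allow", NO_ALLOW)):
        print(name, allowed(cfg, "58.15.200.9"), allowed(cfg, "192.0.2.10"))
```
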

oesxyl
08-14-2009, 12:45 PM
Baidu is a search engine; it is the Chinese Google. I understand your fear, but what you do is wrong.

best regards

Mike Harrison
08-14-2009, 05:31 PM
> I understand your fear but what you do is wrong.

Do you mean my desire to block referrals from Baidu is wrong, or that my syntax is wrong?

Thanks.

oesxyl
08-14-2009, 06:00 PM
> Do you mean my desire to block referrals from Baidu is wrong, or that my syntax is wrong?
>
> Thanks.

- Syntax is OK.
- Your intention to block innocent servers, like Baidu, is wrong.

In your place I would watch the server logs and block only users who really try to do something bad.

best regards

Mike Harrison
08-14-2009, 06:21 PM
I don't have anything against Baidu, per se; I'm just trying to keep my bandwidth down. I get a lot of hits for downloading mp3 files, but my mp3 files are not music, they are business files. When I trace the referrals, many of them come from Baidu's mp3 page.

oesxyl
08-14-2009, 07:04 PM
> I don't have anything against Baidu, per se; I'm just trying to keep my bandwidth down. I get a lot of hits for downloading mp3 files, but my mp3 files are not music, they are business files. When I trace the referrals, many of them come from Baidu's mp3 page.

Baidu was only an example, :)
People don't download files if they don't need them. Probably there are bots, or maybe there is not enough information on your site about the files' content.

I think you can use robots.txt to keep Baidu from indexing your pages or just specific files, like mp3. I guess Baidu obeys robots.txt; I don't really know.
I also don't know if you can ask Baidu to remove URLs from their index; try to find out yourself.

I don't know how good this could be for you, but why not email files based on specific user requests? This way you can avoid bots, limit downloads to users who are really interested, and maybe contact your future clients, :)

best regards

Mike Harrison
08-14-2009, 07:18 PM
> I think you can use robots.txt to avoid baidu to index your pages or just specific files, like mp3.

That is a great idea. I really must give legitimate site visitors (clients) the ability to download the files because that is 90% of the reason they would visit. But your idea to use robots.txt to deny access to spiders is very good.

Thank you for your time. Your help is very much appreciated!:)

oesxyl
08-14-2009, 07:25 PM
> That is a great idea. I really must give legitimate site visitors (clients) the ability to download the files because that is 90% of the reason they would visit. But your idea to use robots.txt to deny access to spiders is very good.
>
> Thank you for your time. Your help is very much appreciated!:)

You are welcome, :)
Be aware that using robots.txt works only if the search engine bot obeys what you have inside, and it can't stop a bad bot.

best regards