Friday, September 2, 2011

Prevent access from an IP address using .htaccess

htaccess is a powerful tool is used to manipulated the webroot and apache configurations as well. The Rewrite rules can be written in .htaccess file. .htaccess file normally located in the webroot.

#Open the Apache configuration file.

vi /etc/httpd/conf/httpd.conf (Redhat Based,Centos Distros)
vi /etc/apache2/apache2.conf (Debian Based,Ubuntu Distros)

# Uncomment the Following Line

LoadModule rewrite_module modules/mod_rewrite.so

we need to change the AllowOverride directive also from


Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Satisfy all


to


Options FollowSymLinks
AllowOverride All
Order deny,allow
Deny from all
Satisfy all


Perfect !!! You have enabled the .htaccess support in your apache webserver.

Now go to your webroot. Normally its /var/www/html/domain.com. Create an htaccess file

touch .htaccess

vi .htaccess

Copy paste the following in to .htaccess file

order allow,deny
deny from 123.45.6.7
deny from 012.34.5.
allow from all

Save And Exit

Viola !!! You have blocked the above IPs from watching your site. Same like you can restrict an IP range also. Do the following if you would like to block a range

order allow,deny
deny from 123.45.6
deny from 012.34.
allow from all

You can block an ISP through the above method. Changes will look like following

order allow,deny
deny from some-evil-isp.com
deny from subdomain.another-evil-isp.com
allow from all

The above will all traffic from the specified Internet Service Providers IPs