Joost de Heer wrote:
On 01/14/2011 02:40 AM, Norman Peelman wrote:
Hello all,
I've got a server with name based virtualhosts. I am getting spammers
from
various countries and would like to block these IP ranges. But I
can't seem to
figure out how to block them. How can I block them by default for the
entire
server? Where do I put the:
<Directory>
Order Allow,Deny
Allow from all
Deny from ip range
...
Deny from ip range
</Directory>
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order
Allow,Deny
First, all Allow directives are evaluated; at least one must
match, or the request is rejected. Next, all Deny directives are
evaluated. If any matches, the request is rejected. Last, any requests
which do not match an Allow or a Deny directive are denied by default.
So your rule doesn't block anything, because you have an 'allow all'.
So either change the order to 'Order deny,allow' or remove the 'allow
from all' line.
If you really want to block IP addresses so they can't even reach your
webserver, you should use a firewall.
Joost
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Thanks all, wasn't really sure what was going on here... I will take a
look at setting up a proper firewall (iptables).
--
Norman Registered Linux user #461062 AMD64X2 6400+ Ubuntu 8.04 64bit
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org