also suggest LocationMatch with uses reg expression http://httpd.apache.org/docs/1.3/mod/core.html#location
fred .htaccess is a nix technology although the workaround of specifying AccessFileName seems to work it seems under (non-cygwin) NTFS any filename starting with . is set to 'system file handler' HTH M-- ----- Original Message ----- From: "Aaron Brown" <[EMAIL PROTECTED]> To: "Tomcat Users List" <users@tomcat.apache.org> Sent: Thursday, December 06, 2007 1:11 PM Subject: Re: Tomcat and Apache Deny rules > After extensive searching, I actually found my answer in the archive > here....I needed to put the deny rules in a <Location> tag in httpd.conf > rather than VirtualHost, Directory, or .htaccess. > > Thanks everyone, > Aaron > > On 12/6/07 12:32 PM, "fredk2" <[EMAIL PROTECTED]> wrote: > > > > > > > Hi, > > > > Any reasons as to why not set the directives in the httpd.conf instead of > > .htaccess ? > > .htaccess only matters to requests for the directory it is in. > > > > Fred > > > > Aaron Brown-5 wrote: > >> > > >> > I've been trying to block the litefinder malicious bot which scours our > >> > site > >> > every day and tries to access pages with the incorrect case, thus causing > >> > crazy amounts of errors to get thrown. > >> > > >> > We have an Apache 2.2.4 front end using mod_jk to load balance against 9 > >> > Tomcat instances on 6 separate machines. > >> > > >> > I have an .htaccess file that blocks based on user agent along with some > >> > known ip addresses for the bot. This works correctly for all static > >> > content. That is, when I change my browser's user agent to "litefinder", > >> > and access the site, I am denied all gif, jpg, css, js, etc files. > >> > However, > >> > all the dynamic content is passed on to Tomcat without honoring the rules > >> > in > >> > .htaccess, thus not solving my problem. > >> > > >> > My question is basically, how do I/can I make Apache enforce my deny rules > >> > even for JkMount'ed data? If you need more info, I'm happy to provide. > >> > > >> > Thanks! > >> > Aaron > >> > > >> > ========================== > >> > > >> > Here is the .htaccess file in my webroot: > >> > > >> > #block litefinder malicious crawler > >> > SetEnvIfNoCase User-Agent LiteFinder stayout=1 > >> > Order Allow,deny > >> > Allow from all > >> > Deny from env=stayout > >> > Deny from 208.101.44.3 > >> > Deny from 209.160.65.42 > >> > Deny from 209.62.109.178 > >> > Deny from 216.40.220.34 > >> > Deny from 216.40.222.50 > >> > Deny from 216.40.222.66 > >> > Deny from 216.40.222.82 > >> > Deny from 216.40.222.98 > >> > Deny from 67.19.114.226 > >> > Deny from 67.19.250.26 > >> > Deny from 70.85.113.242 > >> > Deny from 74.53.243.226 > >> > Deny from 74.53.243.242 > >> > Deny from 74.53.244.18 > >> > Deny from 74.53.249.34 > >> > Deny from 74.86.209.74 > >> > Deny from 74.86.249.98 > >> > Deny from 75.125.18.178 > >> > Deny from 75.125.47.162 > >> > Deny from 75.125.52.146 > >> > Deny from 84.19.176.208 > >> > Deny from 87.118.118.111 > >> > Deny from 87.118.98.57 > >> > Deny from 87.118.98.62 > >> > > >> > Here is the relevant section from my httpd.conf > >> > > >> > <VirtualHost ****:80> > >> > DocumentRoot **** > >> > ServerName ***** > >> > JkMount /jkstatus/* status > >> > JkMount /* v3lb > >> > JkMount /captcha/Captcha.jpg v3lb > >> > JkUnMount /member/bzzmap/*.xml v3lb > >> > JkUnMount /member/bzzmap/*.swf v3lb > >> > JkUnMount /manager/* v3lb > >> > JkUnMount /images/* v3lb > >> > JkUnMount /awstats/* v3lb > >> > JkUnMount /img/* v3lb > >> > JkUnMount /js/* v3lb > >> > JkUnMount /*.gif v3lb > >> > JkUnMount /*.png v3lb > >> > JkUnMount /*.pdf v3lb > >> > JkMount /captcha/* v3lb > >> > JkUnMount /member/campaigns/*.jpg v3lb > >> > JkUnMount /*.css v3lb > >> > JkUnMount /*.html v3lb > >> > JkUnMount /*.mov v3lb > >> > JkUnMount /*.wmv v3lb > >> > JkUnMount /*.rm v3lb > >> > JkUnMount /*.ram v3lb > >> > #JkUnMount /*.swf v3lb > >> > JkUnMount /*.mpeg v3lb > >> > JkUnMount /*.mpg v3lb > >> > JkUnMount /*.mp3 v3lb > >> > JkUnMount /*.xml v3lb > >> > JkMount /dwr v3lb > >> > ErrorLog logs/www.error_log > >> > CustomLog logs/www.access_log combined > >> > </VirtualHost> > >> > > >> > > >> > --------------------------------------------------------------------- > >> > To start a new topic, e-mail: users@tomcat.apache.org > >> > To unsubscribe, e-mail: [EMAIL PROTECTED] > >> > For additional commands, e-mail: [EMAIL PROTECTED] > >> > > >> > > >> > > > > > -- > > View this message in context: > > http://www.nabble.com/Tomcat-and-Apache-Deny-rules-tf4956657.html#a14196976 > > Sent from the Tomcat - User mailing list archive at Nabble.com. > > > > > > > ------------------------------------------------------- > Aaron Brown, Systems Engineer > BzzAgent, Inc. | www.bzzagent.com > [EMAIL PROTECTED] | 617.451.2280 > ------------------------------------------------------- > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
