htaccess blocking IP's

keat63

• May 05, 2016 08:39

One of my sites is on a hosted cpanel, where I have no access to root, I don't have CSF etc etc. It has a CGI script that allows for a user to leave a comment, however, it seems that I'm under some sort of bot attack. I thought that I'd get clever by renaming the CGI file and updating any calls for this file. This worked in the respect that the bots are no longer making updates to the comments. However, they are still hitting the site. Rather than trying to add each and every subnet which comes, I'd like to try and block all IP's which call for the old CGI file. Is this possible with .HTACCESS ??

• 

  Infopro

  • May 05, 2016 13:42

  Sure, find the icon in your cPanel called "IP Blocker".

  0
• 

  keat63

  • May 05, 2016 13:49

  Doesn't IP blocker require me to insert these IP's manually, which is what I'm trying to avoid. Also, this affects every subdomain on the Cpanel, which appears to have a detrimental affect with some of the -Ecommerce sites. I did find this which I'm just toying with. order allow,deny deny from all

  0
• 

  keat63

  • May 05, 2016 13:56

  And that didn't work, I still see them in the visitors log.

  0
• 

  Infopro

  • May 05, 2016 14:08

  I'm a bit confused I guess. There is no automated way that I know of to block IP addresses you don't want visiting your site. When you add an IP there as mentioned, its added to the htaccess that you asked about. Yes, if you block an IP using the "IP Blocker" it should block all access to the account. Blocking an IP on one part of your site, but not another to avoid any detrimental affects makes no sense to me.

  0
• 

  keat63

  • May 06, 2016 10:45

  The cpanel account is split in to subdomains. A few of the sites on these subdomains have cubecart which uses some sort of htaccess rewrite rule for SEO purposes. The moment you start messing with IP Blocker, it does something to the htaccess file across all subdomains, which breaks the cubecart sites. I want to just modify the htaccess file on one particular subdomain, without affecting any of the others.

  0
• 

  deadlock

  • May 06, 2016 11:38

  order allow,deny deny from all

  
  This does what you want it to do. The visits will still show in the access-logs (if that's what you mean) but if you take a closer look you will see they are "404" entries. The page will show as "Forbidden" (you can see that for yourself). The botter will eventually notice this and stop the requests.

  0
• 

  keat63

  • May 06, 2016 13:28

  Its Apache 2.4 and seems needs a little different approach. I added: Require all granted Require not ip xxx.xx.xx (a short list of class c's) order allow,deny deny from all hopefully, they will go away.

  0

Please sign in to leave a comment.