November 8th, 2004, 08:59   #1
bmwheaven
Join Date: Nov 2004
Location: The Netherlands
Posts: 43
IP site access control via .htaccess

Hi ppl,
I'm still testing my website and I want to put a .htaccess file on there to allow some ip-addresses to go to the website, and to deny others.
How can I do this? By using a .htaccess file?

The thing I want is that unauthorized ips are sent to index.html and authorized ips to index.php (where mambo is installed).
I don't want to move mambo into a sub dir, it's giving me problems with testing mods I want to have on my site...

Any help?
Thanks!

Ilir
__________________
- Ilir Dibrani

www.bmwheaven.com
December 31st, 2004, 03:19   #2
bmwheaven

Well, if someone ever needs it:
  1. this is the code for the .htaccess in the root of your server (so that no-one can get to your website, except for you, and your own server)

    Code:
    ErrorDocument 403 /guest/index.html
    
    order deny,allow
    deny from all
    # allow the admin
    allow from xxx.xxx.xxx.xxx
    # allow moderator:
    allow from xxx.xxx.xxx.xxx
    # allow server (this for scripts, etc to work):
    allow from xxx.xxx.xxx.xxx
    
    # for all the xxx.xxx.xxx.xxx put in an IP address, or IP range
  2. And then you create a folder named 'guest' in the root (or something else you like)
  3. In there you put an index.html, with whatever text you like (website under construction or something).
  4. And you create another .htaccess file (in the 'guest'-folder), this is what you put in:
    Code:
    order deny,allow 
    allow from all
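The same allowlist in Apache 2.4 syntax, where `Order`/`Deny`/`Allow` are deprecated in favour of `Require`. This is an added example, not part of the original post; it assumes mod_authz_core and mod_authz_host are loaded, and the addresses are constructed placeholders from the documentation ranges.

```apache
# Added example; assumes Apache 2.4 (mod_authz_core + mod_authz_host).
# All addresses below are constructed placeholders (RFC 5737 ranges).

# ---- /.htaccess (site root) ----
# Denied clients are served the placeholder page as the body of the 403.
ErrorDocument 403 /guest/index.html

# Replacement for "order deny,allow / deny from all / allow from ...":
# access is granted only if at least one Require line matches.
<RequireAny>
    # admin (single address)
    Require ip 192.0.2.10
    # moderator (CIDR range)
    Require ip 198.51.100.0/24
    # the server's own public address, so local scripts keep working
    Require ip 203.0.113.5
    # loopback requests from the server itself
    Require local
</RequireAny>

# ---- /guest/.htaccess ----
# The error page must be readable by everyone; otherwise a denied client
# hits a second 403 while Apache tries to serve the error document.
Require all granted
```

A visitor outside the allowlist still receives HTTP status 403; only the response body changes to `/guest/index.html`. Avoid mixing `Require` with the old `Order`/`Allow`/`Deny` directives in the same file, since the two mechanisms are evaluated separately and the result is hard to reason about.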
August 3rd, 2005, 17:55   #3
d3v
Join Date: Oct 2004
Location: OSM
Posts: 395

.htaccess file question.

I made this file to allow simple security/prevent some of the spambots that harvest my site and up the PHP upload limit. I'm sort of amateurish to Apache so I was wondering:

1. Does the order of the settings posted matter?
2. Do I have to enable RewriteEngine every time before I wish to use it or once in the header is enough?
3. Can I do something else to optimize it or maybe add some security (allow only certain IP/host will not work for me since I'm currently working on my project from different locations)?

Thanks for looking. Please post your comments/flame (for me to learn from) and suggestions.


Code:
# $Id: htaccess.txt,v 1.10 2003/12/22 10:37:29 rcastley Exp $
#
# htaccess file for SEF
# @package Mambo Open Source
# @Copyright (C) 2000 - 2003 Miro International Pty Ltd
# @ All rights reserved
# @ Mambo Open Source is Free Software
# @ Released under GNU/GPL License : http://www.gnu.org/copyleft/gpl.html
# @version $Revision: 1.10 $

#
#  mod_rewrite in use
#

ReWriteEngine On

#  Uncomment following line if your webserver's URL 
#  is not directly related to physical file paths.
#  Update YourMamboDirectory (just / for root)

#  RewriteBase /

#
#  Rules
#

ReWriteCond %{REQUEST_FILENAME} !-f
ReWriteCond %{REQUEST_FILENAME} !-d
ReWriteRule ^(.*) index.php

Options +SymlinksIfOwnerMatch

# deny most common except .php

deny from all



  Order Allow,Deny
  Allow from all



order allow,deny
deny from all



#The next lines check for Email Spammers Robots and redirect them to a fake page
ReWriteCond %{HTTP_USER_AGENT} ^Alexibot                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^asterias                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^BackDoorBot             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Black.Hole              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^BlackWidow              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^BlowFish                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^BotALot                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^BuiltBotTough           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Bullseye                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^BunnySlippers           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Cegbfeieh               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^CheeseBot               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^CherryPicker            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^ChinaClaw               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^CopyRightCheck          [OR]
ReWriteCond %{HTTP_USER_AGENT} ^cosmos                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Crescent                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Custo                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^DISCo                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^DittoSpyder             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Download\ Demon         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^eCatch                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^EirGrabber              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^EmailCollector          [OR]
ReWriteCond %{HTTP_USER_AGENT} ^EmailSiphon             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^EmailWolf               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^EroCrawler              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures    [OR]
ReWriteCond %{HTTP_USER_AGENT} ^ExtractorPro            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^EyeNetIE                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^FlashGet                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Foobot                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^FrontPage               [NC,OR]
ReWriteCond %{HTTP_USER_AGENT} ^GetRight                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^GetWeb!                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Googlebot-Image         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Go!Zilla                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^GrabNet                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Grafula                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Harvest                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^hloader                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^HMView                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^httplib                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^HTTrack                 [NC,OR]
ReWriteCond %{HTTP_USER_AGENT} ^humanlinks              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^ia_archiver             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Image\ Stripper         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Image\ Sucker           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Indy\ Library           [NC,OR]
ReWriteCond %{HTTP_USER_AGENT} ^InfoNaviRobot           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^InterGET                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^JennyBot                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^JetCar                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Kenjin.Spider           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Keyword.Density         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^larbin                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^LeechFTP                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^LexiBot                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^libWeb/clsHTTP          [OR]
ReWriteCond %{HTTP_USER_AGENT} ^LinkextractorPro        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^LinkScan/8.1a.Unix      [OR]
ReWriteCond %{HTTP_USER_AGENT} ^LinkWalker              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^lwp-trivial             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Mata.Hari               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Microsoft.URL           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^MIDown\ tool            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^MIIxpc                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Mister.PiX              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Mister\ PiX             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^moget                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Mozilla/2               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Mozilla/3.Mozilla/2.01  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Mozilla.*NEWT           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Navroad                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^NearSite                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^NetAnts                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^NetMechanic             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^NetSpider               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Net\ Vampire            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^NetZIP                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^NICErsPRO               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^NPBot                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Octopus                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Offline.Explorer        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer       [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator      [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Openfind                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^PageGrabber             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Papa\ Foto              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^pavuk                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^pcBrowser               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^ProPowerBot/2.14        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^ProWebWalker            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^ProWebWalker            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^QueryN.Metasearch       [OR]
ReWriteCond %{HTTP_USER_AGENT} ^ReGet                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^RepoMonkey              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^RMA                     [OR]
ReWriteCond %{HTTP_USER_AGENT} ^SiteSnagger             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^SlySearch               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^SmartDownload           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^SpankBot                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^spanner                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^SuperBot                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^SuperHTTP               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Surfbot                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^suzuran                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Szukacz/1.4             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^tAkeOut                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Teleport                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro           [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Telesoft                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^The.Intraformant        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^TheNomad                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^TightTwatBot            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Titan                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^toCrawl/UrlDispatcher   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^toCrawl/UrlDispatcher   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^True_Robot              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^turingos                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^TurnitinBot/1.5         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^URLy.Warning            [OR]
ReWriteCond %{HTTP_USER_AGENT} ^VCI                     [OR]
ReWriteCond %{HTTP_USER_AGENT} ^VoidEYE                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebAuto                 [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebBandit               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebCopier               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebEMailExtrac.*        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebEnhancer             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebFetch                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebGo\ IS               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Web.Image.Collector     [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebLeacher              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebmasterWorldForumBot  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebReaper               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebSauger               [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor      [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Website.Quester         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Website\ Quester        [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Webster.Pro             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebStripper             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Web\ Sucker             [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebWhacker              [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WebZip                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Wget                    [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Widow                   [OR]
ReWriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WWW-Collector-E         [OR]
ReWriteCond %{HTTP_USER_AGENT} ^WWWOFFLE                [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider       [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Xenu's                  [OR]
ReWriteCond %{HTTP_USER_AGENT} ^Zeus
ReWriteRule ^.*$ /noindex.php  [L]

#ReWriteCond %{HTTP_USER_AGENT}  ^-?$
#ReWriteRule ^.*$ /www/mysite.com/noID.php [L]

ReWriteRule ^index.html index.php [L]

#
#  mod_rewrite in use
#
DirectoryIndex index.php

RewriteEngine On

#  for apache on windows you might need to uncomment
#  this Options line
#Options +SymlinksIfOwnerMatch

#  Uncomment following line if your webserver's URL
#  is not directly related to physical file paths.
#  Update YourMamboDirectory (just / for root)

RewriteBase /
#
#  Rules
#

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php


php_value post_max_size 16M
php_value upload_max_filesize 16M
August 5th, 2005, 12:21   #4
bmwheaven

Hi,
I'm not a star at apache either, I just searched the internet and found what I was looking for.
I'm not sure what you're trying to do with the whole script.
But this piece of code doesn't make sense:
Code:
deny from all



  Order Allow,Deny
  Allow from all



order allow,deny
deny from all

You first deny everybody from your site, then you allow them, and then you deny them again.
The deny/allow is to give access to certain IP addresses to a certain folder on your webserver.
Maybe someone else can help you with the other part of the script...

Ilir
August 5th, 2005, 16:17   #5
d3v

wth. For some unknown reason it didn't paste like it should. It should be like this:

Code:
# deny most common except .php
<FilesMatch "\.(inc|includes|tpl|h|ihtml|sql|ini|configuration|class|bin|spd|theme|module|modules|components|mambots|editor|media)$">
deny from all
</FilesMatch>

<Limit GET PUT POST>
  Order Allow,Deny
  Allow from all
</Limit>

<Files .htaccess>
order allow,deny
deny from all
</Files>
April 23rd, 2006, 06:29   #6
mambostart
Join Date: Apr 2005
Posts: 10
More Help!

I've tried what bmwheaven said [IP site access control via .htaccess], but it doesn't work.

My site is on a "free hosting" server and it seems like the server ignores my .htaccess files. I've tried via htaccess.txt but it doesn't work.

I've done something wrong or what? Can anyone help me?

Server details:
Code:
PHP Version: 	5.1.2 	
Web Server: 	Apache/1.3.34 (Unix) mod_layout/3.2.1 	
WebServer to PHP interface: apache
April 24th, 2006, 04:26   #7
bmwheaven

how did you call the file?
it has to be named: .htaccess
no .txt at the end, and you have to place it in the folder you want it to be active in... (.htaccess files sometimes cannot be seen in your ftp-program, you have to use an option, like "-la" in ws_ftp to see the .htaccess and other hidden files/folders)
April 24th, 2006, 17:50   #8
mambostart
I did everything ok, but it doesn't work.

It is .htaccess, and I have that option on [hidden files], but it doesn't work.
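One server-side setting that produces exactly the symptom in the last posts (a correctly named `.htaccess` that has no effect) is `AllowOverride`. The fragment below is an added example, not from the thread: it shows the main server configuration a host would need for the directives used on this page, and the directory path is a hypothetical placeholder.

```apache
# Added example; this belongs in the server config (httpd.conf), which
# only the hosting provider can edit. It cannot be set from a .htaccess.
# /home/example/public_html is a hypothetical document root.

# Name of the per-directory file Apache looks for (this is the default).
AccessFileName .htaccess

<Directory "/home/example/public_html">
    # With "AllowOverride None", every .htaccess below this path is
    # ignored without any error. Each class listed here unlocks a group
    # of the directives used in this thread:
    #   Limit    -> Order, Allow, Deny
    #   FileInfo -> ErrorDocument, RewriteEngine, RewriteCond, RewriteRule
    #   Indexes  -> DirectoryIndex
    #   Options  -> Options, and php_value when PHP runs as an Apache module
    AllowOverride Limit FileInfo Indexes Options
</Directory>
```

When only some classes are allowed, a `.htaccess` directive from a class that is not listed normally produces a 500 error instead of being skipped, so a file that is ignored with no error at all points to `AllowOverride None` or a different `AccessFileName`.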