Customer Support

• FAQ & Knowledge Base
• System Status
• Contact Support

  Support Categories:

Getting Started FTP Moving Domains E-mail Stat Reports Mailing Lists Apache PHP CGI MySQL Database Other Software Billing & Terms Control Panel E-commerce Pre-Sales

Search for keywords:

Browse by category: -- Select Topic -- Getting Started FTP Telnet/SSH Moving Domains E-mail Traffic Reports Mailing Lists Apache PHP CGI Other Server-Side Scripting MySQL Database Imaging Libraries Other Software Billing & Terms Control Panel E-commerce Pre-Sales

How do I block access to my site based on certain conditions?

You can block access to your site in a variety of different ways: by ip, file, or using any number of environment variables.

Block based on IP

To block certain IP addresses from accessing your site, use a Deny directive in an .htaccess file.

Apache's documentation explains how to do this:

http://httpd.apache.org/docs/mod/mod_access.html
http://httpd.apache.org/docs/howto/auth.html

For example, if you put the following .htaccess file in a directory, then it would operate on all directories beneath it:

Deny from 192.168.72.2
Deny From 192.168.55

The 1st Deny directive would block the exact IP address 192.168.72.2. The 2nd Deny directive would block all IP addresses fitting the pattern 192.168.55, including 192.168.55.1, 192.168.55.2, 192.168.55.254, etc.

Block access to a specific file

if you have a file underneath your DocumentRoot (accessible to a browser) that you do not want anyone to be able to view in a browser, you can block access to it with a Files directive in an .htaccess file. The .htaccess file will affect all subdirectories below the one in which the .htaccess file resides.

For example:

<Files ~ "^somefile.ext">
Order allow,deny
Deny from all
</Files>

will deny access to any file that looks like "somefile.ext".

Please see the Apache documentation on the Files directive here.

Using environment variables

The Deny directive used above to deny specific IP ranges is also useful in conjunction with any number environment variables. Take a look at the example from this applicable article:

# Known mail harvesters
SetEnvIf User-Agent EmailCollector BAD_BOT
SetEnvIf User-Agent CherryPicker BAD_BOT

# Code Red and Nimda
SetEnvIf Request_URI ^/default.ida BAD_BOT=worm
SetEnvIf Request_URI root.exe BAD_BOT=worm

# Referrer spam
SetEnvIfNoCase Referer ^http://(www.)?xopy.com BAD_BOT=spammer
SetEnvIfNoCase Referer ^http://(www.)?aizzo.com BAD_BOT=spammer

# Bad bot, no cookie!
Order Allow,Deny
Allow from all
Deny from env=BAD_BOT


These rules are also written in a .htaccess and will affect that directory and all sub-directories below it.

User-Contributed Notes

There are no user-contributed notes for this topic.

Related Questions:

Do you have Server Side Includes (SSI)?

Do you support Front Page Extensions?

Do you support JSP, Tomcat or Resin?

How do I publish with FrontPage?

Do you offer mod_perl, mod_python, WebDAV, ASP, Cold Fusion or Zope?

Can I have all .html files parsed as .shtml SSI files?

Do you support Ruby on Rails ?

Why doesn't my banner.gif display?

Browse Categories: Getting Started, FTP, Telnet/SSH, Moving Domains, E-mail, Traffic Reports, Mailing Lists, Apache, PHP, CGI, Other Server-Side Scripting, MySQL Database, Imaging Libraries, Other Software, Billing & Terms, Control Panel, E-commerce, Pre-Sales