Block IP from multiple access - apache

Is there any way to block an IP that have already visited a site with htaccess other any other tools?
Like someone visited a this site www.my-site.com/index1.html and I want to prevent that he can visit it again what is the best way to do this?

You could try something like
Order Deny,Allow
Deny from xxx.xxx.xxx.xxx
or you can deny a lock like this
Order Deny,Allow
Deny from xxx.xxx.xxx
xxx is obviously the octet

Related

deny and allow ip access .htaccess

Seen lots of info regarding this but can't figure out this scenario. I want to deny all uk ips but allow my own uk ip.
I have a big list of deny ip addresses which work fine and deny access, but I want to be able to access the site for obvious reasons!
Basically I'm creating a site for Irish consumer base and the owner wants to exclude the UK from accessing the site. But I need to access it still.
In your .htaccess file put this rule in same manner and write your ip's which are whitelisted in allow from your ip
<Directory "/">
order deny,allow
deny from all
allow from 127.0.0.1
allow from 127.0.0.2
</Directory>
Using Require
<RequireAll>
Require all granted
Require not ip 10.252.46.165
</RequireAll>
https://httpd.apache.org/docs/2.4/howto/access.html

Access Control Apache

Just having trouble setting an access control in Apache. So I want to deny access to a specific ip address for a section in my website. So when this ip address access my site, they shouldn't be able to see the "test" section of the website.
This is what I have done inside the httpd.conf file
<Directory /test>
Order Allow,Deny
Allow from all
Deny from 10.13.89.47
</Directory>
Please can someone tell me what I am doing wrong ?
Thanks
Based on the information you have provided, you document root is '/' (very dangerous) or you've not understood how the 'Directory' tag works. I would expect the tag to look something more like.....
<Directory /srv/www/htdocs/test>
I have used something else to get it working.
<Location/test>
Order Allow,Deny
Allow from all
Deny from 10.13.89.47
</Location>

Denying Access to Particular IPs on Apache

One of my websites is being continuously attacked by spammers originating from a certain set of countries.
There are four culprit IPs that are proving to be a nuisance.
I have tried using the mod_access utility of Apache and have the following lines added to my .htaccess
<Limit GET POST>
order allow,deny
Allow from all
deny from 201.xx.xx.xx
deny from 202.xx.xx.x
deny from 201.xx.xx.xx
deny from 201.xx.xxx.xx
</Limit>
Howeverm for some reason, the spammers are still able to access my site and the spam continuous from the said IPs
Can anyone tell me as to where exactly it is that I am going wrong.
Just remove the limit
order allow,deny
deny from 201.xx.xx.xx
deny from 202.xx.xx.x
deny from 201.xx.xx.xx
deny from 201.xx.xxx.xx
allow from all

How to block IPs for POST requests, but not GET?

I have a website where I'm getting quite a lot of comment spam. Looking at the IP addresses the spam originates from, they're mostly from countries where it's unlikely any real humans would want to interact with my English-language website, so it makes sense for me to simply block them.
This should be quite straightforward, however I'd like it if traffic from these countries could actually view my content, just not access the comment, registration etc. forms. So effectively I want to allow them to make GET method requests, but not POST method ones.
Ideally, I'd like to do this in the .htaccess file for the site rather than actually coding it into the PHP scripts that power the site. After a bit of searching, I found what I thought was exactly what I needed: . It appeared that I could do exactly as described above with:
# Block China, Russia etc. from POSTs and similar methods
<Limit POST PUT DELETE>
order deny,allow
deny from 210.5.214.128/29
deny from 210.89.69.160/28
# Hundreds more lines...
# My current IP (sample provided here, actual used in reality), to test
deny from 100.100.100.100
allow from all
</Limit>
# Allow anyone to do GETs and HEADs
<Limit GET HEAD>
order deny,allow
allow from all
</Limit>
But it's not having the desired effect. I can do GET requests (as desired), but POSTs also still work as normal where I would expect a 403 Forbidden error perhaps.
If I don't use the tag and put my IP in the deny list, it does successfully prevent me from accessing the site (both GET and POST).
Can anyone advise me as to what I need to change?
Change the order of allow deny like this:
<Limit POST PUT DELETE>
order allow,deny
allow from all
deny from 210.5.214.128/29
deny from 210.89.69.160/28
# Hundreds more lines...
# My current IP (sample provided here, actual used in reality), to test
deny from 100.100.100.100
</Limit>
<Limit GET HEAD>
order deny,allow
allow from all
</Limit>
Block backend repertory eg: /wp-admin except for allow IP (even if you have the password)
<Limit POST PUT DELETE>
order deny,allow
deny from all
#allow from localhost
#allow from 127.0.0.1
allow from xxx.xxx.xx.xx
</Limit>
# Allow anyone to do GETs and HEADs
<Limit GET HEAD>
order deny,allow
allow from all
</Limit>

Need to deny all IPs except mine from accessing site and display friendly error

I need to deny all IPs except mine.
I got my outward facing IP from whatismyip.com. Let's assume it is 200.200.200.200
Here is the beginning of my .htaccess
ErrorDocument 403 /down.html
<Limit GET POST>
order deny,allow
deny from all
allow from 200.200.200.200
</Limit>
This works with the denying part - it shows my down.html page. However it denies me even when I place my correct IP in the .htaccess. Am I doing something wrong?
Also the down.html page contains an image - but seeing as all requests are being denied, I had to host it on a different domain to get it to display. My .htaccess skills are a little rusty, but how would I go about allowing that one image request through using .htaccess on this domain?
<Limit GET POST>
order allow,deny
allow from 200.200.200.200
deny from all
</Limit>