.htaccess safety vs password - apache

Is it safe to create a .htaccess in a folder in my website (example.com/thisfolderismine) and ONLY allow MY IP address?
My goal is to MAKE SURE that no one other than me can access this folder. There is also a login in this folder but I'd rather take a crazy-full access protection.
Is this safe? Is there a way to hack this?
Note: I don't care about not being able to access it from somewhere else.
My website has been getting hacked by Ukraine, Vietnam, Philippines, Algeria, China in the last 4 months and these no-lifes are driving me nuts.
Also, is there a simple way to only allow IP/computers from ONLY Canada & USA? I don't have clients anywhere else anyway.
Thanks a bunch
Joel

Kind of going in reverse order of your question:
While there may be some general association of geographic location to IP address range, you should not count on it.
What if one of your clients in Canada wants to access your site through a proxy in Europe? You should use a "real" authentication method to verify users, not IP address.
Using specific IPs is better, assuming those users have static IPs. This is not a safe assumption for a dial-up or DSL-based user, though (for example).
If you yourself have a static IP, then yes, it should be fine to limit access to a folder based on that. Of course if you ever release that IP or switch ISP, etc. you will have to update your website's configuration. One more thing to have to remember.
You could also consider using a VPN and only limiting your page's access to the local network (see anubhava's answer - note the 192.168.XX.XX address).
Personally, I use a combination of HTTPS + username + good password for stuff like this.

Put these 3 lines at the top of your .htaccess file in the folder you want to restrict:
# Evaluate Deny rules first, then Allow rules; a matching Allow wins
Order deny,allow
# Default: refuse every client
Deny from all
# Except this single address
Allow from 192.168.100.101
This will only allow access to that folder from IP address 192.168.100.101; otherwise it will show a forbidden error.
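The snippet above uses the Apache 2.2 access-control directives (Order/Deny/Allow), which in Apache 2.4 come from mod_access_compat and are deprecated. The following is an added example, not part of either answer above, that restates the rule in the 2.4 idiom (mod_authz_core's Require) and combines it with the HTTPS + username + password approach the first answer recommends, so a request must come from the listed address AND carry valid credentials. The address 203.0.113.10, the password-file path and the proxy ranges are placeholders; substitute your own.

```apacheconf
# Added example (not from the original answers). Apache 2.4 .htaccess that
# requires BOTH a matching client address AND a valid Basic-auth login.
# Needs "AllowOverride AuthConfig" (or All) on the directory in the vhost.
# 203.0.113.10 is a documentation-range placeholder for "my IP".
AuthType Basic
AuthName "Restricted"
AuthUserFile /var/www/private.htpasswd   # assumed path, created with htpasswd -B

<RequireAll>
    # A single address, a CIDR range (203.0.113.0/24) or an IPv6 address all work.
    Require ip 203.0.113.10
    Require valid-user
</RequireAll>

# For the IP-only variant, drop the Auth* lines and the container and keep just:
#     Require ip 203.0.113.10
# Caveat: Require ip tests the TCP peer address (REMOTE_ADDR). Behind a CDN or
# reverse proxy that is the proxy's address, so the rule locks you out. In the
# server/vhost config (not .htaccess) enable mod_remoteip and name the proxies
# you trust, otherwise the forwarded header can be spoofed by any direct client:
#     RemoteIPHeader X-Forwarded-For
#     RemoteIPTrustedProxy 192.0.2.0/24   # placeholder: your proxy's published ranges
```

Two checks before relying on this: confirm the origin only accepts connections from the proxy (otherwise a client connecting directly can forge the forwarded header), and test from a second address that you get a 403, not the login prompt, because a lone `Require ip` plus a lone `Require valid-user` at the top level are OR'd together, not AND'd.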

Related

Is this malicious botting, how to prevent it?

I recently set up a subdomain on my website with the intention to soon clone my website for testing purposes. Subdomain was "beta", so beta.example.com
It was set up and password protected via htaccess and is directed through Cloudflare, it's about three days old and was never announced publicly (only I know of it).
Today I notice this on my Apache Server Stats page:
Also, CPU load was increasing and very, very high. Upon refreshing, this continued and is actually still continuing right now. Is this some sort of botting/brute force attack? I can't imagine how/why else so many IPs would be accessing this unlinked/private subdomain. I've since taken it down from Cloudflare DNS and the IPs are still connecting somehow, I assume it will take time for it to propagate.
Is this malicious? And how can it be prevented? I assume it was/is attempting to brute force the htaccess password? Is it because it's a common subdomain name? ("beta") - would it matter? Again, it's only been about three days so damn they work fast.
It can be search engine robots, it can be script kiddies, it can be brute force; you can get more information from your log file or by analyzing the IP addresses.
I'm not sure I really understand your problem and what you want.
If your website is online, then yes, some people/bots/robots will try to access it, like any other website.
If you don't want anybody to access your website, you can add an IP restriction.

Google Domain forward to Digital Ocean linux server, running Apache2 subfolder, and display domain as root

I've been googling for a bit now, and I really can't seem to figure this out. I recently bought a domain name with Google Domains, that I wish to point to a sub domain on my web-server, (example) http://120.0.0.0/sub-folder/, while appearing as domain.com.
Right now I have mbektic.com forwarding to http://138.197.5.88/mbektic/ which kind of gets what I need done, but I wish for the URL to say mbektic.com, instead of the ip address of the server.
Now I've been looking around and I've found things mentioning everything from creating records to .htaccess files, and honestly I'm completely lost.
If someone could point me to a straightforward guide or give me a list of steps to follow, I can do it myself, but currently I am just lost.
This really belongs on unix.se since it isn't programming...
That said, what you need to do is set up a DNS A record pointing your domain name to your IP address. Add a second one to handle www.example.com
Then, on the webserver, configure it to respond to that name and serve content out of the directory you specify (the apache webserver calls this the DocumentRoot - you may want to look up apache virtual hosts .... )

How to block specific IPs in apache?

I have a Java-based application running in Tomcat. It is an online app; the request first goes to Apache and then redirects to Tomcat.
Today I was not able to log into my application and I noticed warnings in the catalina.out file. They said "An attempt was made to authenticate the locked user "root"" and "An attempt was made to authenticate the locked user "manager"".
In my localhost_access_log.2015-07-07.txt I found the below IP addresses trying to access the system.
83.110.99.198
117.21.173.36
I need to block these 2 IPs from accessing my system. The first IP is a well-known blacklisted one according to the anti-hacker-alliance. How can I do this?
FYI I am using Apache 2, so the main configuration file is apache2.conf.
(Please don't remove the IP addresses I listed above, as I need other developers to be aware of the threat as well)
If you're using VPC:
The best way to block traffic from particular IPs to your resources is using NACLs (Network Access Control Lists).
Do a DENY for All protocols INGRESS for these IPs. This is better than doing it on the server itself as it means traffic from these IPs will never even get as far as your instances. They will be blocked by your VPC.
NACLs are on the subnet level, so you'll need to identify the subnet your instance is in and then find the correct NACL. You can do all of this using the VPC Dashboard on the AWS console.
This section of the documentation will help you:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html
Note that you will need to give the rule numbers for these 2 rules to block these 2 IPs a rule number that is less than the default rule number (100). Use 50 and 51 for example.
You can use an .htaccess file:
# Deny rules are evaluated first; anything not denied is allowed by default
Order Deny,Allow
Deny from 83.110.99.198
Deny from 117.21.173.36
It's probably better to add this as a firewall rule though. Are you using any firewall service now?
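The .htaccess snippet above only covers the directory it sits in and uses the deprecated 2.2 directives. As an added example, not from the original answers, here is the same deny list in Apache 2.4 syntax placed in the vhost that fronts Tomcat, so it applies to every path and the request is refused before it is proxied to the application (the rejected attempts then appear as 403s in Apache's access log instead of as locked-user warnings in catalina.out). The two addresses are the ones reported in the question.

```apacheconf
# Added example (not from the original answers): Apache 2.4 deny list for the
# whole site, in the server or vhost configuration rather than .htaccess.
# "Require not" is only legal inside <RequireAll>; on its own it is a
# configuration error because a negated rule can never grant access.
<Location "/">
    <RequireAll>
        Require all granted
        Require not ip 83.110.99.198
        Require not ip 117.21.173.36
        # Whole ranges work too, e.g.  Require not ip 117.21.173.0/24
    </RequireAll>
</Location>
```

Run `apachectl configtest` before reloading, then check with `curl -I` from an unrelated host that normal clients still receive 200 while the listed addresses get 403. If Apache itself sits behind a load balancer, the peer address it sees is the balancer's, and this list will not match the real client unless mod_remoteip is configured as described for the allow-list case above.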

Making a localhost apache webserver go live

I have looked all over the internet and I can't find a reasonable way to make my web-server running on Apache go live with a unique IP and everything. How would I go about making it live and viewable for other people?
Normally you would not do this. You'd buy a hosting account from some provider like GoDaddy, BlueHost, etc. and put your software there, and make it visible that way. Making your localhost server viewable would involve buying a static IP, which is not cost effective for most people.
I suppose it depends on what you mean by "go live" if you need it to host a specific domain name then yes - get a shared hosting account somewhere ~ if you just need access to it and it does not matter what the domain name is, you can use something like DynDNS: http://www.dyndns.com/services/dns/dyndns/
-sean

How to hide distributed servers under a single domain?

I currently host my company's website and blog on separate servers, reached by separate domain names - www.example.com and www.example.net. This is so I can give blog server access to our partners without compromising security on our main server. However, our SEO guy is now demanding that the blog be put on our main server, as www.example.com/blog.
I would like to maintain the current server separation rather than putting both on the same server. Is there any good way to keep them separated, but have them both under a single domain name? A subdomain would also be acceptable (blog.example.com).
My main website server is a Debian box running Apache 2, and I have full root access to it. The blog server is run by Hostgator, and I have limited access.
Edit: Thanks, all. In this particular situation I don't particularly want to transfer the blog again, and I don't have easy access to the DNS records, so I went with mod_proxy and it worked like a charm. I wish I could give you all "preferred answer" status, though, because all of your information was awesome.
A subdomain would be easy: just create an A record in DNS which maps blog.example.com to the IP address of the blog server, and have another A record in DNS which maps www.example.com to the main website server (this latter record probably already exists).
Would the SEO guy be happy with blog.example.com? It's not the same from an SEO perspective, but it might be good enough for him. I work at a company where SEO is at least 1/3 of what we do, and that's our setup: blog.example.com and www.example.com.
You could try to get fancy and proxy requests to /blog to the 2nd server, if you insist on keeping the blog off your box, but I think you can find a secure way to share space. Proxying like that could get annoying, and it basically doubles the latency to your blog.
Give the blog guys an account on your box; don't give them root/special privileges. If you can get away with it, don't even give them SSH access -- just give them a FTP login (make sure they can't access /var/www), and maybe a mysql account or something. (As you can see, this all depends on how much control/power the blog folks demand.)
Then, just make a symlink to the blog root, so they can write to a restricted area like /home/blog/www and still have it included in the website:
ln -s ~blog/www /var/www/blog
If a subdomain is for some reason not a possible way for you to go, you could use Apache's mod_proxy module to proxy requests to /blog to your second server.
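The last two answers point at mod_proxy without showing the configuration. The following is an added example, not code from any of the answers, of a vhost on the Debian main server that serves www.example.com itself and forwards only /blog to the separately hosted blog. The back-end hostname blog-backend.example.net is hypothetical, as is the CA-bundle path (the Debian default); the modules proxy, proxy_http and ssl are assumed to be enabled with a2enmod.

```apacheconf
# Added example (not from the original answers): reverse-proxy /blog to a
# separate server while keeping everything under www.example.com.
<VirtualHost *:443>
    ServerName   www.example.com
    DocumentRoot /var/www/html
    # SSLEngine on plus SSLCertificateFile/SSLCertificateKeyFile for
    # www.example.com go here (paths omitted).

    # Never set this On: "ProxyRequests On" turns Apache into an open
    # forward proxy that anyone on the internet can relay through.
    ProxyRequests Off

    # Forward only the /blog prefix to the back end (hypothetical name) and
    # rewrite Location and Set-Cookie headers in its responses so redirects
    # and cookies stay on www.example.com.
    ProxyPass        "/blog" "https://blog-backend.example.net/blog"
    ProxyPassReverse "/blog" "https://blog-backend.example.net/blog"
    ProxyPassReverseCookieDomain "blog-backend.example.net" "www.example.com"

    # Leave Off unless the back-end vhost is keyed on the www.example.com name.
    ProxyPreserveHost Off

    # Verify the back end's certificate instead of accepting any TLS peer
    # (a proxy that skips verification can be fed attacker content via DNS).
    SSLProxyEngine        On
    SSLProxyVerify        require
    SSLProxyCheckPeerName on
    SSLProxyCACertificateFile /etc/ssl/certs/ca-certificates.crt  # assumed Debian path
</VirtualHost>
```

Two things to verify after `apachectl configtest` and a reload: the blog application must generate its own links under the /blog prefix (for a CMS that is usually a "site URL" setting), or the proxied pages will point back at the back-end host; and the blog server should be firewalled to accept connections only from the main server's address, otherwise the separation the question wants to keep is bypassed by talking to the back end directly. Latency is the cost the second answer mentions, since every blog request now traverses two servers.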