htaccess use of Order Deny,Allow

1
votes

I'm using Order Deny,Allow in my .htaccess file, without success. IP's I need to prevent access to are going right through with no troubles. I read that as of Apache 2.4 Order Deny,Allow would no longer work; first is that factual and second if so what has replaced it? I cannot access my httpd.conf file, so Require and Require not is not an option for me.

I only have access to .htaccess, how can I accomplish banning by ip or if no longer possible, redirecting by ip. Below is a snipit of my Order Deny,Allow if it matters. Thanks in advance! 

Order Deny,Allow
Deny from 123.125.71.*
Deny from 123.125.71.121.some.domain.com
Deny from some.domain.com
Allow from All

(as you can see, I'm attempting to block the same ip, in various formats but no matter the format, the traffic continues to go through.)

1
apache.htaccess
What version of apache ard you using?Amit Verma
I"m unable to determine, however I do see where further in the htaccess the wm prior to me is using RewriteRule rules. is there a simple RewriteRule I could add to push the undesired ip to a 403 or specific page?Dream Master

1 Answers

1
votes

To push the undesired ip to 403 ,you can use the following rule :

RewriteEngine on

RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$
 RewriteRule ^ - [R=403,L]

Replace 00.00.00.00 with your undesired ip address.

To ban multiple ipaddress, you can add multiple conditions seprated by a [OR] flag to your rule :

RewriteEngine on

RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$ [OR]
RewriteCond %{REMOTE_ADDR} ^00\.00\.00\.00$
 RewriteRule ^ - [R=403,L]