WordPress.org

Ready to get started?Download WordPress

Forums

Blocking IPs with .htaccess (22 posts)

  1. Ebonmuse
    Member
    Posted 8 years ago #

    Hi all,

    I know it's futile to try to ban every spammer, but I'd like to ban at least a few of the more prolific ones that keep coming back to my site from the same subnets. However, although I've tried modifying htaccess to keep them out, they keep coming back. I've followed instructions I've found on this site and elsewhere, without success. These are the very first lines of my htaccess file:

    order deny,allow
    deny from 81.177.15.*
    deny from 81.177.14.*
    deny from 85.255.113.*
    deny from 85.255.114.*
    deny from 195.225.176.86
    deny from 85.255.117.250
    allow from all

    Can anyone see an error in that? How come people from those subnets are still able to access my site?

  2. whooami
    Member
    Posted 8 years ago #

    I sure can.

    your usage of the asterics as a wild card is incorrect.

    deny from 85.255.114.* == wrong
    deny from 85.255.114 == correct

    http://wreq.cgd.ucar.edu/manual/mod/mod_access.html

    Best to read up on what you are using it before reading it.

  3. Ebonmuse
    Member
    Posted 8 years ago #

    I tried it without the asterisks first, actually, and that didn't work either (I looked into this before posting here and I found some sites that say to use them, others that don't). Could there be some way to bypass htaccess, or is there any other error in my code?

  4. Chris_K
    Member
    Posted 8 years ago #

    Any compelling reason not to just use plugins that block most of this stuff? (top post in the threads. Sticky. Has "Spam" in the title.)

  5. Ebonmuse
    Member
    Posted 8 years ago #

    I have Akismet, which catches a great deal of spam, but on occasion a few do slip through. It'd be nice if I could cut out the middleman and just block these IPs directly. Is there a plugin that does that? I didn't see one in the sticky thread.

  6. yosemite
    Member
    Posted 8 years ago #

    Bad Behavior...

  7. Chris_K
    Member
    Posted 8 years ago #

    I agree with Yosemite. BB blocks 100's a day for me.

  8. whooami
    Member
    Posted 8 years ago #

    Ebonmuse, if it didnt work without the asterics then there's a good chance your host doesnt have mod_access enabled. Are you with Godaddy by chance? If so, thats prolly the case.

    The way I showed you is the correct way to block ips using mod_access, regardless of what any site that tells you to use them says.

    I pasted a link to a mirror of the Apache docs above to reinforce what I said. I'm willing to bet they know what they're talking about.

    Merely reading something here doesnt mean its the correct way.

  9. Rok
    Member
    Posted 8 years ago #

    Combination of Akismet and Bad Behavior is the Best.

  10. drmike
    Member
    Posted 8 years ago #

    Actually I thought it was this:

    deny from 85.255.114.

    Note the period at the end.

    Donncha mentioned an extention that will fill out the htaccess file while deleteing the spam. Maybe helpful. :)

  11. whooami
    Member
    Posted 8 years ago #

    and thats wrong. drmike.

    http://httpd.apache.org/docs/1.3/mod/mod_access.html

    From the horses mouth:

    A full IP address
    Example: Allow from 10.1.2.3
    An IP address of a host allowed access
    A partial IP address
    Example: Allow from 10.1
    The first 1 to 3 bytes of an IP address, for subnet restriction.

  12. Samuel Wood (Otto)
    Tech Ninja
    Posted 8 years ago #

    If mod_access is unavailable, use mod_rewrite instead. :)

    RewriteCond %{REMOTE_ADDR} ^81.177.15 [OR]
    RewriteCond %{REMOTE_ADDR} ^81.177.14 [OR]
    RewriteCond %{REMOTE_ADDR} ^85.255.113 [OR]
    RewriteCond %{REMOTE_ADDR} ^85.255.114 [OR]
    RewriteCond %{REMOTE_ADDR} ^195.225.176.86 [OR]
    RewriteCond %{REMOTE_ADDR} ^85.255.117.250
    RewriteRule ^.*$ - [F]

    If you'd prefer to tell these IP's that they're jerks instead of simply blocking them, change the last line to these two instead:
    RewriteCond %{REQUEST_URI} !^/forbidden.html$
    RewriteRule ^.*$ /forbidden.html

    And make a forbidden.html file, where you can curse at them all you like.

  13. manstraw
    Member
    Posted 8 years ago #

    I learned dr. mike ways ages ago. and always used it. it seems apache docs say different though. I think that format actually belongs to another service.

  14. war59312
    Member
    Posted 8 years ago #

    Dude, here you go:

    order allow,deny
    deny from 81.177.15
    deny from 81.177.14
    deny from 85.255.113
    deny from 85.255.114
    deny from 195.225.176.86
    deny from 85.255.117.250
    allow from all

    You just had the order wrong. You where denying them but then you allowed everyone. So you where simply overiding the deny by allowing from everyone.

    The file is read in order. That is why the first line is always the order of which you want the htaccess file to be processed.

  15. whooami
    Member
    Posted 8 years ago #

    war caught the other mistake, very nice catch, war59312!

  16. war59312
    Member
    Posted 8 years ago #

    Hey,

    Also, check out this plug-in. I believe it does what you want. :) Such as banning by IP address:

    http://www.deliciousdays.com/smp-plugin

    Take Care,

    Will

  17. Ebonmuse
    Member
    Posted 8 years ago #

    Yes, I am using GoDaddy, but I don't think that was the problem. war59312 seems to have hit on it - I tried testing it with a friend, and I was able to ban them once I followed his suggestion. Thanks for the tips, everyone! Now let's just hope this stops the spammers...

  18. war59312
    Member
    Posted 8 years ago #

    No problem buddy. Take care! :)

  19. Ebonmuse
    Member
    Posted 8 years ago #

    Well, I'm sorry to report that this fix didn't work. The IP addresses I tried to block, even using the suggestions from this thread, are still showing up in my spam filter. I know I *can* block by IP address, since I was able to do so successfully with a friend, as I mentioned, but these people are somehow getting around it. Does anyone have any more ideas? Could this be some heretofore unknown security flaw in WordPress or Apache that enables spammers to bypass htaccess rules?

  20. whooami
    Member
    Posted 8 years ago #

    youre using godaddy, goddady doesnt use mod_access. I spent hours with someone else having the same problem - guess what, they were using godaddy, and after contacting godaddy support they were told its not something they use.

    That or you are still not making the entries correctly.

    I assure you that done correctly and with mod_access available, no IP can bypass an htaccess block.

    otto gave you a viable solution.

    --

    If you like I can provide you my ip and you can attempt to block me.

  21. war59312
    Member
    Posted 8 years ago #

    Yeah damn Godaddy to hell! POS!

    Change hosts buddy.

    Check out either asmallorange.com or dreamhost.com . I can give you $20 off dreamhost if you wish!

    I've been hosted with both for years. With asmallorange since day 1 and for dh for about 4 years.

  22. maerk
    Member
    Posted 8 years ago #

    Otto42: using rewrites might not be the best idea -- doesn't it take up a lot of processor? You don't want to waste any more processor time on spammers than is absolutely necessary ;)

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags