Can you explain in greater detail about these ‘attacks’? The reason I ask is it is easy for an attacker to ‘spoof’ IP addresses and also to see if that IP is blocked and then simply use another IP address. Once you add this list, they will use others…
I realize that you are probably right, but I want to do this because I want to present as many dutifulness and frustrations as I can. I think that many of these attackers are going after the low-hanging fruit. Fewer will take up the challenge that a variety of defenses will present.
So if anyone can tell me how to configure the file that wa, I would appreciate it.
Once that is done I intend to use another protective trick. I understand I can move the htaccess file up one directory to make it less visible to passing scans. If that is true, I’d like to hear from those who have has experience with that step.
add this to top of .htacess changing the list of IP addresses
order allow,deny
deny from 127.0.0.1
deny from 127.0.0.2
deny from 127.0.0.3
allow from all
consider using ranges:
order allow,deny
deny from 127.0.0
allow from all
above blocks all 127.0.0.0 to 127.0.0.255
You can find the most common IP address ranges for a region also online.
