So to prevent certain countries from visiting a website, I have to copy and paste the code of the countries to the .htaccess files.
But I see a couple of patterns.
It is "require not ip xx.xxx.xxx.xx/xx" and "deny from xx.xxx.xxx.xx/xx"
How are these different and which one works better?
Related
I know it is easy to block an individual IP address or a whole country from viewing my website via htaccess, however I need to block a city in the UK only and have the visitors from the blocked city redirected to another external URL.
Here is some code I already have for my htaccess file, but I have been searching everywhere on how to block just a UK city or region. Where would I find the range of IPs for a specific UK city? or is there a better way of doing this?
# BAN USER BY IP
<Limit GET POST>
order allow,deny
allow from all
deny from (an individual IP address or range)
</Limit>
ErrorDocument 403 http://www.google.com
you have to use IptoLocation Script(http://www.ip2location.com/) and then you can check the city or region after that Blocking a City or Region from website.
There are several ways to do this. First you can use any geoIP API to query the location of the visitor. Just google geoIP API to see what's available. There are online solutions and downloadable databases as well.
You can also "wire in" the banned IP address blocks into your webapp. You can query block information at http://location2ipaddress.com/ for example. If you want to use the .htaccess file to do this, then all you need is the ip range data - put this into the deny list and you're done.
Whatever you do, blocking is a delicate topic.
It is easy to go around the block by using proxy servers.
Blocking whole ranges is risky, you are preventing innocent users from accessing your website. There is no harmless, 100% safe way to do this.
I have a VPS Hosting account with 2 domains. I just looked on Google to view the pages indexed for one of the sites and noticed that one of the results was one of my nameservers. As far as I am concerned, Google should not be indexing this.
Additionally, when you click on the link and go to it, the page loads as the 2nd website's home page. I fear that this is a problem for 2 reasons... 1- Duplicate Content, 2- Associating content between 2 sites.
Name Servers:
NS1.DOMAINA.COM
NS2.DOMAINA.COM
Domains:
DOMAINA.com
DOMAINB.com
When I clicked on NS1.DOMAINA.COM and NS2.DOMAINA.COM, they both pulled content from DOMAINB.COM. The nameservers are being indexed as DOMAINA.COM pages however.
After reading several resources, it seems that this issue resulted in band-aid fixes such as robots.txt rules, etc. I would rather fix the problem but if that is not probable, I would prefer to do this in .htaccess. However, I am nor exactly proficient in htaccess so I would require examples or detailed explanations.
Thank you
Add a file named robots.txt at the root of the domain you wish to remove the indexation, and fill it with this:
User-agent: *
Disallow: /
You can also set this bunch of lines on your .htaccess :
Header set X-Robots-Tag "noindex, nofollow"
EDIT: Also, to block only the subdomain, add a rewrite rule:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^DOMAINA.COM$
RewriteRule ^robotx\.txt$ robots-subdomain.txt
I looked at countryipblocks.net, and need to clarify...
If I want to block users from, say, Andorra from visiting my site, what exactly needs to be added to my (already existing) .htaccess file?
Do I need to simply add this block of text to my .htaccess?
<Limit GET HEAD POST>
order allow,deny
deny from 85.94.160.0/19
deny from 91.187.64.0/19
deny from 194.117.123.178/32
deny from 194.158.64.0/19
deny from 195.112.181.196/32
deny from 195.112.181.247/32
allow from all
</LIMIT>
On the other hand, if I want to redirect users from, say, Croatia, from http://mywebsite.com to http://google.com or a landing page, what exactly needs to be added to my .htaccess file?
Finally - how would "deny" appear to the user being denied access?
Thanks.
Visitors who are within a IP range that is banned by deny will be served with a 403 error. If you want to them to see a nice page, instead of the standard Apache error, then you will need something like
ErrorDocument 403 /errors/403.html
in your .htaccess file. It is fairly easy to check rules based on IP addresses are working in your .htaccess by setting the blocked IP to be 127.0.0.1 (i.e. localhost); when you then look at the page in question on localhost, you should see the result of the page being blocked.
In answer to your question about redirecting users, blocking all users from any 1 country seems a little bit overkill; however, try reading up on the RewriteCond directive.
I have a local Web site that I would like to tighten access to only those within the United States; or perhaps only within Florida. It's a Word Press site that has gotten hacked due to some weak code. I've seen two sources of IP address lists for .htaccess "allow deny" control by IP Address.
IP by Country/Continents:
http://www.countryipblocks.net/continents/
Wizcrafts List:
http://www.wizcrafts.net/htaccess-blocklists.html
What is the best approach for blocking everything except United States traffic? How would you approach the deny/allow? Would you deny other Countries or try to allow only the U.S.?
Thanks for any comments, Jeff
Add this list to the .htaccess located on the root folder of your server.
It will only allow connections from the US.
ex .htaccess file:
allow from IP
203.31.234.0/24
129.230.176.0/20
etc...
you can use deny from All in order to forbid access to your site!
In countryipblocks you can download all IPs from the area you want and add allow from IP to your .htaccess file! so only those IPs can access to your site!
Edit: Remember you can add IP range instead of one IP!
I downloaded .htacees from that site, and that was ok!
If I have a website with the domain someone.com which is the main site and two other domains mything.com and yourthing.com. All domains point to the same IP and the same path on the server.
When i go to someone.com, index.php is loaded and but when I visit mything.com and yourthing.com i want index.php loaded with a parameter like:
index.php?site=mything.com
In the code i'll identify which domain it is and load the relevant data.
In the address bar at the client I want the entered domain name to remain.
How can I achieve this with htaccess?
Cheers...
Found a solution, using the $_SERVER vars and some nifty apache setup.