I want to block some IPs through htaccess to visit the site to prevent malicious attacks an example IP is : 172.30.1.193
I am using this rule to block the IP
order allow,deny
deny from 172.30.1.193
allow from all
but i am recieving error of forbidden 403
Related
I want to allow visitors to my website only from the short URL services such as bit.ly or cutt.ly through .htaccess (or if the referral is internal)
I want to block everything else, how can I do it with the .htaccess?
I bought a domain name from 1and1 but would like it to only be accessible for people connected to our company's internal network. Is it possible to continue letting 1and1 host the domain while also preventing access to the website unless connected to company network?
To Make public domain name only accessible from internal network, you can place a .htaccess at the root of your host with a 403 Error for All but your company network IP (xx.xx.xx.xx).
order deny,allow
deny from all
allow from xx.xx.xx.xx
To go further and make it cleaner, you should also redirect unwanted users to a public page with this line below the previous code:
ErrorDocument 403 http://example.com
i have a video file that want to block from viewing from other sites (so users can watch it just from my website) but i want also to allow some ips that can access it from everywhere
So to allow just some ips i use
order deny,allow
deny from all
allow from 111.111.111.111
allow from 111.111.111.112
...
it works great but i want also to allow all users that play video in my website
www.example.com
so can i exclude my website from deny from all, so if user visit it from mysite those rules will not work for him
I need to make a website secure so that only me and 2 other collegues in the office can access it. For that the first step i did is to block the access of all other ips except the office ip via creating an .htaccess file as follows
# ALLOW USER BY IP
<Limit GET POST>
order deny,allow
deny from all
allow from 2.59.42.32
</Limit>
# PREVENT VIEWING OF .HTACCESS
<Files .htaccess>
order allow,deny
deny from all
</Files>
Now there are 30 other computers + other phone devices which has all the same ip. How can i block all the 27 computers and all devices to access this website? any idea?
Note: The website has a password for signing in. but I need to make it extra secure so that the password is not misused by the employees who have them. There is a possibility that the employees (to whom access is granted) can share it with other collegues.
Possible solutions:
I get an email of other computer names if they sign in?
I get a notification via email that more than 3 members are online?
You can set up SSL on the web server and authenticate to it using a certificate that only exists on that particular machine.
You can see this link
I have this in my .htaccess
<Limit GET POST>
Deny from all
Allow from xxx.x.xxx.x
Allow from xxx.xx.xxx.x
Allow from xxx.xx.xx.x
</limit>
So I am good with this setup now I am allowing certain ip to access my server but now I need add another but I cannot get their ip address so I need to allow via their url. How can I accomplish this case?
for example I want developer.paypal.com/(any) to allow to access the php scripts in my server
You can use:
Allow from bla.com
Assuming that bla.com is the domain name and that it is properly assigned to the IP that is making the requests to your site.
If the IP is not properly assigned to that domain name or is dynamic you can use a different approach such as user and password authentication, and others available.