I have my .htaccess setup as
order deny, allow
deny from all
allow from 123.my.ip
my IP is what ipchicken is giving me yet I am getting internal server error from any address. I have also tried multiple IP locations.
Following Apache copied from there site with this format just gives me forbidden even from my address...
Order Deny,Allow
Deny from all
Allow from my.ip.address
I have followed this question with no success...
.htaccess block all but my ip
I have also tried below from the following link with the same results...
http://kb.siteground.com/how_to_redirect_all_visitors_except_your_ip_to_another_site/
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} !^1.2.3.4
RewriteRule .* http://www.anothersite.com [R=302,L]
Just in case its relevant, i'm running magento on a AWS server. Running out of ideas to try...
If you tried:
order deny,allow
deny from all
allow from {111.111.111.111} <-- example ip
its very straight forward that it should be working
what you need to do is enable rewrite.log in your apaches virtualhost config
to determine whats going on in there with mod rewrites/
make sure that you have given your apache virtuahost auth to read from .htaacess file
** Override to All
you shouldn't use mod_rewrite rules to disallow any ip but your, keep that for specific page rewriting, the above code should be fine.
Make sure! that you're IP address is your Internet ip address and not an internal ip address. Go on google and type in "what is my ip" it should give you the correct one
if none works, there's definitely something funky going on with your .htaccess file. Try to paste your entire .htaccess file to somewhere where we can all view it. There may be errors on your .htaccess file. Make sure magentos admin isn't over-writing your .htaccess file.
with .htaccess its a big factor where you place the rules. sometimes having too many things on there can confuse the web server if its not in order.
Related
I have tried many times, I feel desperate.
I have been able to do this successfully before on Apache 2.2.
Now my environment is Apache/2.4.18 (Ubuntu) Server
I go to https://www.ip2location.com/blockvisitorsbycountry.aspx to generate code
select ipv4
select China
select "Apache 2.4 .htaccess deny"
Then add the code to the bottom of .htaccess.
However, the result is that I cannot access the website whether I use a VPN or not.
I am located in Chinaļ¼
Later, I tried to select another one country, such as Japan, to generate new blocking code.
However, the result was the same, after adding the code into .htaccess.
I also cannot access the website, even though the blocked country is Japan and I am in China.
I doubt the code, what should I do in order to get the right blocking a country code?
Some of the generated code:
<RequireAll>
Require all granted
Require not ip 1.0.1.0/24
Require not ip 1.0.2.0/23
Require not ip 1.0.8.0/21
Require not ip 1.0.32.0/19
Require not ip 1.1.0.0/24
Require not ip 1.1.2.0/23
Require not ip 1.1.4.0/22
:
now,I have solved the problem.
first of all,
the code generated from https://www.ip2location.com/blockvisitorsbycountry.aspx is 100% correct!
the reason why I cannot access the website whether using VPN or not,is that I didnot add the following code to yourdomain.conf to make https(ssl) url also support rewrite.
<VirtualHost *:443>
.......
<Directory "/var/www/html/yourdomainname/public_html">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Another solution using GeoIP and .htaccess
I have hostinger server
To enable GeoIP, all you have to do is add the following line to your .htaccess file:
GeoIPEnable On
Once added, you can verify if it's working by creating a PHP Info file and checking the PHP Variables section:
Image showing GeoIP is enabled in your server
How to use it?
To block access for perticular file in Britain, US and India:
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^(GB|US|IN)$
RewriteRule (wp-login|xmlrpc).php$ - [F,L]
To allow access for whole website in Canada, UAE and India:
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(CA|AE|IN)$
RewriteRule ^(.*)$ - [F,L,QSA]
(Pardon me, I've injured my right hand so I'll have trouble typing)
I've recently set up a new Linux server running off the 'LAMP Stack'. I used PuTTY, Git and friends. Usually, I work in a pre-set up environment - I'm just an app developer. This would technically count as my first 'solo venture'. I've never been given root access to a server before, I was just there to work.
So, to get started, I decided to port some of my work from a previous project and build off of that. It relies heavily on Rewrite Rules. Ignorantly, I assumed my .htaccess file would magically work. It doesn't - For whatever reason, Apache wants you to enable the use of rewrite rules (It's not like you'd accidentally set up an .htaccess file, dear me).
So, I've read various tutorials, followed guides, asked elsewhere - I'm not really getting anywhere. To finally get to the point, here's what I've done:
1. I enable the use of .htaccess files at /etc/apache2/sites-available/default-ssl.conf:
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
2. I create an .htaccess file at var/www/html/site:
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d
RewriteRule ^(.*)$ %{DOCUMENT_ROOT}/site/index.php [L]
3. Now, you should be able to reach a URL located at http://www.example.com/site/index.php/Bool via http://www.example.com/Bool (Bool is something like a query string - A page identifier). You can't in this case - You're told that there's no file titled 'Bool' on the server.
The rewrite rules given in section 2 have worked before, but don't work here.
Some guides also tell you to do wacky stuff like set up some password system at /etc/htaccess/.htpasswd and have another .htaccess file to call on that or something. Despite my other rewrite rules not working in this new server environment, the 'password' system did actually work (I was asked to provide a password before accessing a page) - However, I don't need or want any restricted access pages like that.
Practically everything I've tried has not worked - And that's ranged from changing the path in the <Directory> tag within default-ssl.conf to putting .htaccess files here and there, with and without password systems, different 'code' in the .htaccess/configuration files, and more. Practically every 'guide' provides you with a different solution, including and excluding details and steps others do/don't.
I've even attempted changing AllowOverride to All in /etc/apache2/apache2.conf to no success - Just an Internal Server Error.
The grand question: How do you enable the use of .htaccess files anywhere you need them? Somebody has to be using a correct configuration somewhere, so you happen to have that working on your server, I'd like to see what you did.
I'm very excited to be in charge of my own server, it's been a wonderful learning experience and surprisingly, the learning curve hasn't been too difficult. I hope I can get this app running on it properly.
If Unfortunately Your HtAccess File are not being read by your server even in any case then you can use this command in order to enable the htaccess accessibity onto your server.
TO ENABLE HTACCESS FILE ON RACKSPACE SERVER(Debian Os)
sudo a2enmod rewrite
and restart the apache server now it will be accessible.
Thanks
Raghwendra Pathak
I only want people to access the intranet from my IP.
I have searched different blogs as well but not get more.
I just want my website to be accessed by just my IP address to make it secure. I need an intranet that can be locked down by IP.
Try adding this to the .htaccess file in your web document root folder (often public_html or htdocs), changing the 999... to your IP address:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^999.999.999.999
RewriteRule ^ - [F]
This assumes that mod_rewrite is both installed and activated for htaccess files.
If you are not sure, to check if mod_rewrite is installed, look at the list of installed modules in the output of phpinfo();
By default, mod_rewrite is not enabled for htaccess files. If you are managing your own server, open httpd.conf
and make sure that the webroot directory block contains one of these lines: AllowOverride FileInfo or AllowOverride All
I have two internet addressess, say one.com and two.com
The content of my webpage is all under the domain one.com. If I hit address two.com I want it to redirect to one.com but still with address two.com. For example if I type in address bar two.com/article. I want to still show this same address but the content displayed would be as from address one.com/article
I tried to use htaccess file, but still no luck.
Any advice would be appreciated.
You can't achieve that while performing an external redirect.
If both domains are hosted on the same server, then you can perform an internal redirect (e.g. using Apache's Alias, AliasMatch or mod_rewrite).
If the domains are hosted on different servers, then you would have to proxy one of them. You could do this with ProxyPass from Apache's mod_proxy.
Go to your domain name provider and create an alias (CNAME record) for the address.
You will need to enable mod_proxy in your Apache config for that. Once mod_proxy is enabled, enable mod_rewrite and .htaccess through httpd.conf and then put this code in your .htaccess under DOCUMENT_ROOT directory on domain2.com host:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.domain2\.com$ [NC]
RewriteRule ^ http://www.domain1.com%{REQUEST_URI} [L,P,NC]
I have recently installed Solr on server and i want to restrict only local users can access it with .htaccess
site.com:8983/solr/admin [ restrict all user]
And below is the .htaccess code
RewirteRule on
<FilesMatch "127.0.0.1:8983/solr/admin">
Order Deny, Allow
Deny form all
Allow 127.0.0.1
</FilesMatch>
Or is there any method we can protect / restrict Solr Admin on site.com:8983/solr/admin accessing from other users
Only local ip users can use it..
And i tried this one, but its not working.
Your <FilesMatch "127.0.0.1:8983/solr/admin"> line will never match anything because you've stuck the hostname and port in the regular expression. Try using the Location container instead:
<Location "/solr/admin">
Order Deny, Allow
Deny from all
Allow 127.0.0.1
</Location>
Or better yet, Directory:
<Directory "/path/to/your/document/root/solr/admin">
Order Deny, Allow
Deny from all
Allow 127.0.0.1
</Directory>
You'll need to fill in the full path to the solr/admin directory.
Get rid of the RewirteRule on line, it doesn't do anything and it's not even spelled right and will cause a 500 error.
However, neither of these directives can be use in an htaccess file. You need to use these in either the server of vhost config. If you must use an htaccess file, then create an htaccess file in your solr/admin directory and simply put these directives in it:
Order Deny, Allow
Deny from all
Allow 127.0.0.1
Or, in the htaccess file in your document root:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !127.0.0.1
RewriteRule ^/?solr/admin - [L,F]
Check following links. Hope they will help you.
Restrict Solr Admin Access
Solr Security
Securing Solr administrative console
How to protect Apache Solr admin console