Google Answers Logo
View Question
 
Q: Banning IP Addresses ( Answered,   1 Comment )
Question  
Subject: Banning IP Addresses
Category: Computers > Internet
Asked by: bsktbalplaya83-ga
List Price: $2.00
Posted: 15 Sep 2004 15:31 PDT
Expires: 15 Oct 2004 15:31 PDT
Question ID: 401736
I want to know how to ban IP addresses from your site. I want a code
that I can put into the body of my website to enable specific IP
addresses from visiting the site.
Answer  
Subject: Re: Banning IP Addresses
Answered By: serenata-ga on 15 Sep 2004 21:22 PDT
 
Hi Bsktbalplaya83 ~

You can deny access to your site fairly easily by adding a command to
the existing .htaccess file (if you have one there already), or by
creating an .htaccess file and uploading it to the public_html or www
directory of your site.

The name of that file is .htaccess (dot htaccess - no spaces).

The lines you will add are as follow ... with each line as listed as a
separate line in the file.

<limit GET>
order allow,Deny
Deny from 000.000.000.0
allow from all
</Limit>

The 0's above represent the IP address(es) you wish to deny access to.

If you want to add more access denials, you put them each on their own line:

     Deny from 123.456.789.0

You can then upload the files via FTP to your server.


If you use front page extensions or an IIS or Wndows server, upload
the .htaccess file. Windows may rename the file .htaccess.txt, and
once it is uploaded via Front Page, you merely need to change the name
of that file to plain .htaccess (without any extensions such as .txt,
.htm or such)


Search terms used ~
===================

   deny access
   deny IP access
   front page + .htaccess


This should take care of denying access to an individual IP address.


Regards,

~ Serenata
Google Answers Researcher
Comments  
Subject: Re: Banning IP Addresses
From: thekok-ga on 17 Sep 2004 09:44 PDT
 
Depanding what web server you have.

I run a Windows 2000 and have developed the following asp file
that banning (can be on the live whenever somebody intruded my site
without permission) the particular IP to access my server.
-You need to have:
1. SQLServer running on the same machine.
2. Administrator access to the SQL server.

<%
Dim DB
Dim DBConnected
Response.Buffer = True

OpenDBConn


ShellCommand = "route add " & Request.ServerVariables("REMOTE_ADDR") &
" MASK 255.255.255.255 xxx.yyy.zzz.ddd"
'Replace the xxx.yyy.zzz.ddd to one of the IP address in your network
but not the gatewat IP

Set RecordSet = DB.Execute("exec xp_cmdshell '" & ShellCommand & "'")
if RecordSet.State = 0 then
	Set RecordSet = nothing
end if
CloseDBConn


Sub OpenDBConn
   sStr = "Provider=SQLOLEDB.1;Password=;Persist Security
Info=True;User ID=sa;Initial Catalog=master;Data Source=127.0.0.1"
   Set DB = Server.CreateObject("ADODB.Connection")
   DB.Open sStr
   DBConnected = True
End Sub

Sub CloseDBConn
   DB.Close
   Set DB = Nothing
   DBConnected = False
End Sub
%>


Well, if you don't have SQL server, then I have no idea to perform it
live. However, I have another method that will prevent unwelcome IPs
to access my server. Just create a batch (.bat) file in your machine
and route add the unwelcome IP to a non-existence gateway and run this
batch file from scheduled task whenever the server is started :
Something like this :
-----------------------------------------------------------
#One IP
route add 123.12.23.34 MASK 255.255.255.255 xxx.yyy.zzz.ddd
#Block of IP
route add 123.12.0.0 MASK 255.255.0.0 xxx.yyy.zzz.ddd
#xxx.yyy.zzz.ddd is tone non-existing gateway on your network..


Well, since I had the above asp script on my server, those people
trying http://myserver/cmd.exe and http://myserver/../../null.htr
has been drastically reduced.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy