<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
I'd like to add the lines below in order to block access from a certain country. Will there be any conflicts with the above lines if I do that?
<Limit GET HEAD POST>
order allow,deny
deny from 41.204.224.0/19
deny from 41.205.160.0/19
deny from 41.206.0.0/19
deny from 41.206.224.0/19
deny from 41.211.192.0/18
deny from 41.220.64.0/20
deny from 41.222.40.0/21
deny from 41.222.64.0/21
deny from 41.222.72.0/21
deny from 41.223.24.0/22
deny from 41.223.64.0/22
deny from 41.223.128.0/22
deny from 41.223.136.0/22
deny from 62.173.32.0/19
deny from 62.193.160.0/19
deny from 80.248.0.0/20
deny from 80.250.32.0/20
deny from 82.128.0.0/17
deny from 195.166.224.0/19
deny from 196.1.176.0/20
deny from 196.3.60.0/22
deny from 196.3.180.0/22
deny from 196.29.208.0/20
deny from 196.45.192.0/18
deny from 196.46.144.0/22
deny from 196.46.240.0/21
deny from 196.200.0.0/20
deny from 196.200.64.0/20
deny from 196.200.112.0/20
deny from 196.202.224.0/21
deny from 196.207.0.0/20
deny from 196.207.128.0/18
deny from 196.216.144.0/22
deny from 196.216.148.0/22
deny from 196.220.0.0/19
deny from 212.100.64.0/19
deny from 217.14.80.0/20
deny from 217.78.64.0/20
deny from 217.117.0.0/20
deny from 81.18.32.0/20
deny from 81.24.0.0/20
deny from 213.166.160.0/19
deny from 213.181.64.0/19
allow from all
</LIMIT>
Similarly, any conflict between <Limit> containers will result in the last one that applies being used.
There is no need to enclose the Deny from's in a <Limit> container, so I'm not sure why you're doing that. For example, PUTs and DELETEs will be allowed from your listed IP addresses with the code as-posted.
Also, see <LimitExcept>, which may be useful to you.
I'd suggest:
# Allow all to fetch robots.txt and custom 403 error page
SetEnvIf Request_URI "^/(robots\.txt¦my_custom_403_page\.html)$" allow-it
#
Order Deny,Allow
#
# Allow all to fetch robots.txt and custom 403 error page
<Limit GET>
Allow from env=allow-it
</Limit>
#
# Deny all methods except for GET, HEAD, and POST (HEAD is implied by GET -- see documentation)
<LimitExcept GET POST>
Deny from all
</LimitExcept>
#
# Deny from various countries' IP address ranges
Deny from 41.204.224.0/19
Deny from 41.205.160.0/19
...
Deny from 213.166.160.0/19
Deny from 213.181.64.0/19
Replace the broken pipe character in the SetEnvIf directive above with a solid pipe character before use; posting on this forum modifies the pipe characters.
Jim
[edited by: jdMorgan at 7:51 pm (utc) on Dec. 31, 2007]
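Added example, not part of either post and not Apache's own code: a small Python model of the documented Apache 2.2 Order/Allow/Deny rules, used to compare the country block from the question with the layout suggested in the reply. The dictionary layout, the function names and the sample addresses are assumptions made for the illustration, and the result covers only the host-based access check.

```python
import ipaddress
import re

# Method scopes: which request methods a directive applies to.
def limit(*ms): return lambda m: m in ms             # inside <Limit ...>
def limit_except(*ms): return lambda m: m not in ms  # inside <LimitExcept ...>
def everywhere(m): return True                       # outside any container

def hit(spec, ip, env):
    """Match one Allow/Deny argument; only 'all', 'env=NAME' and CIDR are modelled."""
    if spec == "all":
        return True
    if spec.startswith("env="):
        return spec[4:] in env
    return ipaddress.ip_address(ip) in ipaddress.ip_network(spec)

def allowed(cfg, method, ip, uri="/"):
    """Decide one request the way Apache 2.2 documents Order/Allow/Deny."""
    method = "GET" if method == "HEAD" else method   # GET in a container covers HEAD
    env = {name for pat, name in cfg.get("setenvif", []) if re.search(pat, uri)}
    def any_hit(rules):
        return any(scope(method) and hit(spec, ip, env) for scope, spec in rules)
    order = "deny,allow"                             # default when no Order applies
    for scope, value in cfg["order"]:
        if scope(method):
            order = value                            # last applicable Order wins
    a, d = any_hit(cfg["allow"]), any_hit(cfg["deny"])
    if order == "deny,allow":
        return a or not d      # Allow overrides Deny; no match at all means allowed
    return a and not d         # allow,deny: needs an Allow match and no Deny match

RANGES = ["41.204.224.0/19", "213.181.64.0/19"]      # two ranges from the thread
web = limit("GET", "HEAD", "POST")

# Country block from the question on its own: all of it inside <Limit GET HEAD POST>.
POSTED = {
    "order": [(web, "allow,deny")],
    "deny": [(web, r) for r in RANGES],
    "allow": [(web, "all")],
}
# Layout suggested in the reply (with a solid pipe in the SetEnvIf pattern).
SUGGESTED = {
    "setenvif": [(r"^/(robots\.txt|my_custom_403_page\.html)$", "allow-it")],
    "order": [(everywhere, "deny,allow")],
    "allow": [(limit("GET"), "env=allow-it")],
    "deny": [(limit_except("GET", "POST"), "all")] + [(everywhere, r) for r in RANGES],
}

if __name__ == "__main__":
    for cfg_name, cfg in (("posted", POSTED), ("suggested", SUGGESTED)):
        for m in ("GET", "PUT"):
            print(cfg_name, m, allowed(cfg, m, "41.204.230.5", "/index.html"))
```

Running it shows the gap the reply points out: the posted block stops GET from a listed range but lets PUT through, while the suggested layout denies both and still serves robots.txt to everyone.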