NoGlow75
Posts: 19
Joined: Sun Apr 28, 2019 1:34 pm

Problem with _apache2_ .htaccess

Sat May 04, 2019 12:47 pm

hello NoGlow here

I hosted my web server (with port forwarting), but found that my website makes many connections with so-called (bad
Bots) And those Coming via the ip address (Not via the domain .noip) I want to block these ips by creating .htaccess (with in it Allow Deny)
But I myself have no idea how to do that (and as a result blocking my parents Youtube can't really find a good answer).

Log Files https://drive.google.com/open?id=1yOn0u ... 6-gEa9-AYY
https://drive.google.com/open?id=1Q2pcI ... WAHejtTdJV


(Problem in short)
Don't know how to create .htaccess (and where the Apache2 File is located)

(/ etc / apache2 .apache2.conf or Do I need something else)
(I myself have the .htaccess (var / www / html)
I also put it in Var / www / but it doesn't work

So can someone help me with this problem (ps am not that good in linux yet)
<p> help (<b> sos </b> </p>

User avatar
DaveyDave1999
Posts: 28
Joined: Tue Apr 16, 2019 9:16 pm
Location: United States, Hawaii

Re: Problem with _apache2_ .htaccess

Sat May 04, 2019 10:52 pm

You mean those kind of bots?

Code: Select all

127.0.1.1:80 185.172.110.207 - - [19/Apr/2019:21:25:32 -0400] "GET login.cgi HTTP/1.1" 400 0 "-" "-"
127.0.1.1:80 45.35.190.4 - - [19/Apr/2019:21:34:56 -0400] "GET login.cgi HTTP/1.1" 400 0 "-" "-"
127.0.1.1:80 185.12.179.207 - - [19/Apr/2019:22:03:10 -0400] "GET login.cgi HTTP/1.1" 400 0 "-" "-"
127.0.1.1:80 115.73.221.84 - - [19/Apr/2019:23:10:53 -0400] "GET / HTTP/1.1" 200 1656 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
127.0.1.1:80 185.12.179.207 - - [21/Apr/2019:12:36:55 -0400] "GET login.cgi HTTP/1.1" 400 0 "-" "-"
127.0.1.1:80 185.172.110.207 - - [21/Apr/2019:12:37:35 -0400] "GET login.cgi HTTP/1.1" 400 0 "-" "-"
127.0.1.1:80 185.12.179.16 - - [21/Apr/2019:12:44:05 -0400] "GET login.cgi HTTP/1.1" 400 0 "-" "-"
Just ignore them. They're harmless! Trust me.
Tho, if you REALLY want to block bots, take a look at fail2ban.

And last thing, if you want to create an .htaccess file for whatever reason, create it inside /var/www/html/. The rules will apply to all files within that directory (and sub directories too!)

Good luck!
Blog about Raspberries coming soon...

tpyo kingg
Posts: 555
Joined: Mon Apr 09, 2018 5:26 pm
Location: N. Finland

Re: Problem with _apache2_ .htaccess

Sun May 05, 2019 3:21 am

NoGlow75 wrote:
Sat May 04, 2019 12:47 pm
I hosted my web server (with port forwarting), but found that my website makes many connections with so-called (bad
Bots) And those Coming via the ip address (Not via the domain .noip) I want to block these ips by creating .htaccess (with in it Allow Deny)
Look at fail2ban and sshguard and then choose one. Those will monitor web server logs for undesirable activity and then add a packet filter rule to block traffic from the offending host(s).

Other than that, .htaccess is not what you are looking for. All changes to the web server configuration should go in the web server's own configuration file itself. Usually that is subdivided these days into separate files, one for each virtual host. So use those vhost configuration files if applicable, like if you have nginx or Apache2.

The .htaccess files are mainly for a specific use-case involving shared hosting that mostly went out of style in the 1990s. Mostly, it should not be used on a server you yourself have configuration access to. Any guides refering to .htaccess are 20+ years out of date in nearly each case.

Return to “Networking and servers”