Apache IP Blocking Primer Tutorial

Posted on by
Apache IP Blocking Primer Tutorial

Apache IP Blocking Primer Tutorial

With Apache web servers you can use .htaccess files at the document root directory corresponding to website URLs to control various aspects to do with access to that website, or even directory of website.

Some preparatory matters generic to .htaccess usage that would happen within the Apache configuration file called httpd.conf would be useful before us explaining how to use them to block access to IP or IP ranges from access to directories …

  • AccessFileName “access.config” … would rename the .htaccess file naming convention to access.config (for our example)
  • AllowOverride All … allows .htaccess usage to be allowed versus AllowOverride All|None|directive-type [directive-type]
  • Directory by directory determination of .htaccess usage …

    <Directory "/www/htdocs/usehtaccess">
    AllowOverride All
    </Directory>

    <Directory "/www/htdocs/donotusehtaccess">
    AllowOverride None
    </Directory>

Okay, so now we are ready to talk about blocking an IP or IP range from accessing an Apache web server directory. Below is a .htaccess blocking IP addresses xx.xx.xxx.110 and xx.xx.xxx.112


Order Deny,Allow
Deny from xx.xx.xxx.110
Deny from xx.xx.xxx.112

If you’re worried about the syntax run the scenario through this link.

Take a look at this ls -la .htaccess


-rw-r--r-- 1 root root 852 Apr 23 07:56 .htaccess

… these are suitable permissions for a .htaccess file … perhaps your owner and group may be different, but chmod 644 .htaccess gives recommended permissions as above.

This link and this gave us good advice regarding checking Access Logs before or after this work to check things out (that is, if you don’t use the cPanel Apache Status report option) …

Look for CustomLog directives in your Apache configuration, see the manual for examples. A typical location for all log files is /var/log and subdirectories. Try /var/log/apache/access.log or /var/log/apache2/access.log . If the logs aren’t there, try running locate access.log

We leave you with a very useful webpage regarding the topic of .htaccess files, generally.

If this was interesting you may be interested in this too.

This entry was posted in eLearning, Networking, Tutorials and tagged , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *