Thread: Ban certain IP

How do I ban certain countries IP Address via .htaccess?
I use the one at BlockACountry.com but for the past 12 hours, I still see more than 20 spammers with Ukraine, Russia and UK ip address registering.

I have added the "NoSpam! Verification Question" vbulletin mod, but they still managed to pass through it.

Any idea?

Originally Posted by 1901gt

How do I ban certain countries IP Address via .htaccess?
I use the one at BlockACountry.com but for the past 12 hours, I still see more than 20 spammers with Ukraine, Russia and UK ip address registering.

I have added the "NoSpam! Verification Question" vbulletin mod, but they still managed to pass through it.

Any idea?

Make the question difficult like what is the speed of light times the speed of sound that'll stop it

Actually you can ban whole ranges in vBulletin too like 122.* is one that I banned cause that's like 60% of my spammers.

Originally Posted by 1901gt

How do I ban certain countries IP Address via .htaccess?
I use the one at BlockACountry.com but for the past 12 hours, I still see more than 20 spammers with Ukraine, Russia and UK ip address registering.

You're certain that the IP addresses which are gaining access are the same ones that you have blocked?

Is it possible that your http.conf is not configured to allow Deny statements in that the relevant directories .htaccess file?

This requires the AllowOverride permission for Limit.

In your httpd.conf file, you will need to find the AllowOverride section which is relevant to that directory. There is likely to be more than one AllowOverride statement, so make certain you are looking at the right one.

On my system, the section looks something like this:

Code:

<Directory "/usr/local/www/data">
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride Options FileInfo AuthConfig Limit
</Directory>

Where to find the httpd.conf file?
Is it in the ftp public_html folder?

I have .htaccess and htaccess.php in my public_html folder. Not sure why there's 2 htaccess files in there.

In my .htaccess file, it looks something like this:

# Comment the following line (add '#' at the beginning)
# to disable mod_rewrite functions.
# Please note: you still need to disable the hack in
# the vBSEO control panel to stop url rewrites.
RewriteEngine On

# Some servers require the Rewritebase directive to be
# enabled (remove '#' at the beginning to activate)
# Please note: when enabled, you must include the path
# to your root vB folder (i.e. RewriteBase /forums/)
#RewriteBase /

#RewriteCond %{HTTP_HOST} !^www\.yourdomain\.com
#RewriteRule (.*) http://www.yourdomain.com/forums/$1 [L,R=301]

RewriteRule ^((urllist|sitemap_).*\.(xml|txt)(\.gz)?)$ vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 [L]

RewriteCond %{QUERY_STRING} !vbseourl=
RewriteCond %{REQUEST_URI} !(admincp/|modcp/|chat|cron)
RewriteRule ^(.*\.php(/.*)?)$ vbseo.php?vbseourl=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !\.(jpg|gif)$
RewriteRule ^(archive/.*)$ vbseo.php?vbseourl=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !^(admincp|modcp|clientscript|cpstyles|images)/
RewriteRule ^(.+)$ vbseo.php?vbseourl=$1 [L,QSA]

<Limit GET HEAD POST>
order allow,deny
deny from 58.147.128.0/19
deny from 117.55.192.0/20
deny from 121.100.48.0/21
.
.
.
deny from 217.199.224.0/20
allow from all
</LIMIT>

On my system, the httpd.conf file is at /usr/local/www/data/apache22/httpd.conf.

You system is likely different.

If you have shell access, you can use this command to find all httpd.conf files on your system:

Code:

find / -name httpd.conf -print

If you don't have shell access, you should probably just ask your hosting company why .htaccess isn't working.

Also, you can block IP addresses in vBulletin. In the vBulletin AdminCP, go to vBulletin Options and then to User Banning Options.

If you host provides cPanel, you can also paste the list of IPs you got from blockacountry into the IP banning module. Not sure if this will overwrite your htaccess, so make a backup of that first if you have anything in it other than the block country list.