What is htaccess
The htaccess file (or distributed configuration file) provides a way to configure changes to the directory, that is, to place a file containing one or more directives in a specific document directory to function in this directory and all its subdirectories. As a user, the commands you can use are limited. The administrator can set it through the Apache allowoverride directive.
As an overview, the htaccess file is a configuration file in the Apache server that is responsible for the page configuration in the related directory. Through the htaccess file, you can help us achieve: Web 301 redirect, custom 404 error page, change file extension, allow/block specific user or directory access, prohibit directory list, configure default document and other features
Half a month in a row. Fed up with several IP segments of the rogue message, decided to put several IP end pull into the blocked access list
You can set IP and IP segments that are not accessible by using the. htaccess action.
The code is as follows |
Copy Code |
Order Allow,deny Deny from 92.241.169 Allow from all |
htaccess prohibit IP of the words directly to an IP, prohibit IP paragraph is: Deny from 92.241.169. (92.241.169.1-92.241.169.254)
The effect is to access the display:
Forbidden
You don ' t have permission to access/on this server.
Additionally, a 403 Forbidden error is encountered while trying to the request of a errordocument to handle.
I'll explain the htaccess settings Web site to prohibit an IP access
The code is as follows |
Copy Code |
Order Deny,allow Deny from 8.8.8.8 #禁止多个ip可以继续在这里添加 deny from 8.8.8.18 Deny from xxx.com xb.com #拒绝域名为xxx. com, xb.com Access Allow from all |
Htaccess prohibit access to a single IP segment
The code is as follows |
Copy Code |
Order Deny,allow Allow from 8.8.8.1 Deny from 8.8. |
IP access at the start of #代表拒绝8 8, but allows 8.8.8.1 to pass, while other IP allows access.
Htaccess set up a Web site to allow only one IP access
The code is as follows |
Copy Code |
Order Deny,allow Deny from all Allow from 8.8.8.1 #多个ip可以继续在这里添加 |
Another way of writing:
The code is as follows |
Copy Code |
Order Allow,deny Allow from 8.8.8.1 |
#同上面一样只允许某个ip可以访问
How do you prevent users from accessing a particular directory?
Create a new. htaccess file in the directory you want to disallow access to, and modify it to your own needs and upload it.
Prohibit certain types of files from being accessed
For example, I use PHP space, there is no. asp. aspx. mdb file
Check the log of the site will find a lot of sweeping this kind of document
It's probably done by looking for a loophole,
Add the following code to the. htaccess file and upload
The code is as follows |
Copy Code |
<filesmatch (. *). (Asp|aspx|mdb) $> Order Allow,deny Deny from all </FilesMatch> |
Other types of files in the gourd painting scoop
There's this section of Drupal.
The code is as follows |
Copy Code |
<filesmatch ". (engine|inc|info|install|make|module|profile|test|po|sh|. *SQL|THEME|TPL (. php)? | Xtmpl|svn-base) $|^ (code-style.pl| Entries.*| repository| Root| Tag| Template|all-wcprops|entries|format) $ "> Order Allow,deny </FilesMatch> |
It would be interesting if you could turn 403 wrong to some evil pages.