Hi,
I tried both of the following methods to block an ip address, but neither worked. In .htaccess, I put:
Order Deny,Allow
Deny from 123.123.123.123
and
RewriteCond %{REMOTE_ADDR} ^123.123.123.123
RewriteRule .* /maintenance.html [R=503,L]
(I do have the mod_rewrite module installed)
In both cases, I put the rules at the top of the file so that it would be the first rules executed.
After each one, i did an apachectl stop, then apachectl start.
In both cases, when i monitored my site with the 'server-status' module, the ip address was still there, with sometimes more than 30 requests, and all for the same page, which was ..../login.php. And it continued to be there for the next 30 minutes until it just dropped off, but i was doing nothing to stop it at that point.
This method of blocking has worked for me in the past.
Is it possible for someone (ie a hacker…) to bypass my blocking method(s)? Or is there something more I need to do?
Thank you,
Josh