Hi folks, I've downloaded and installed the free "Lite" version of a very nice little tool which will allow me to know the country a connection is coming from; I'm going to use it to block users of my website based on country so that I can eliminate vast ranges of script kiddies trying to attack my server. (it also lets you use the country knowledge for other reasons more positive reasons - check it out at http://www.maxmind.com/) Once loaded, the module defines an environment variable GEOIP_COUNTRY_CODE and then the doco suggested this rule to choose countries to block: <IfModule mod_geoip.c> GeoIPEnable On GeoIPDBFile /usr/local/share/GeoIP/GeoIP.dat MemoryCache SetEnvIf GEOIP_COUNTRY_CODE ^(AT|BR|CN|DE|EE|ES|FR|HK|IE|IN|IT|JP|KR|MX| MY|NL|NO|PE|PH|RU|SG|TH|TW)$ BlockCountry=1 </IfModule> That list of country codes is where all my script kiddy traces have come from. Finally, using the BlockCountry env variable, you can do the following in a Location block: RewriteEngine on RewriteCond %{ENV:BlockCountry} =1 # WARNING goatse is not recommended viewing for ANYONE RewriteRule .* http://goatse.ragingfist.net/ [L,R=301] I inserted this into a Location block, added my own country code (actually added -- which is the country code when it can't determine where you are from. This happens when you ask for the country of a local IP on a private subnet in the 10. or 192.168. range) The rewrite works admirably so I know I have it installed properly and the rewrite rule written correctly. My problem is, how do I make this rewrite work site-wide without having to insert it into every Location block on the server? Rewrites don't appear to work outside of Location blocks, and unless I'm doing something wrong, it doesn't work in the <Directory /> block either. PS - not affiliated with MaxMind in anyway, but the GeoIP Lite version is free and that's good thing; all I need after this is to figure out how to insert it into the SSH access filters too and I'll be one happy part-time sysadmin. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx