Re: .htaccess file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 


> -----Original Message-----
> From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On
> Behalf Of Always Learning
> Sent: Monday, August 29, 2016 1:50 PM
> To: CentOS mailing list
> Subject: Re:  .htaccess file
> 
> 
> 
> Hi,
> 
> > My home system on a DSL line is getting worn out by bad behavior robots.
> >
> > Awhile back, I created a .htaccess file that block countries by IP
blocks.
> > Its 2MB in size.
> 
> Do you control your home server ?  If so, then .htaccess is the wrong
> solution, because you need to incorporate blockages in your IP Tables
> firewall and then use your Apache configuration file to restrict any
remaining
> unwanted visitors.
> 
[Thomas E Dukes] 

Yes. I knew .htaccess wasn't the best method. I didn't know about ipsets. It
make this so much easier.


> .htaccess (its possible in Apache to rename it) is inefficient and
suitable as a
> second-rate solution when you are using a hosted service and lack full
control
> of the server. VPSs are cheap and a better alternative to hosted mail and
> web.
> 
> On my servers (C5 and C6) in IP Tables, I have three sets of blockages:
> 
> * permanent for all ports
> * only for web (port 80)
> * only for emails (port 25)
> 
> In web and emails there is a permanent table plus a monthly one (one for
> every month). Perpetual pests go in the permanent tables and irritants in
the
> monthly table - otherwise the banned IPs entries would get too large.
> 
> A compromised computer trying to send me junk mail or trying to wrongly
> access a web page or attempting to break-in to SQL (instantly identified
and
> IP instantly blocked because I impose string size limits for the
?key=....) has
> its IP added to the monthly list and remains there until one month after
the
> last access from that IP address.
> 
> I am unwilling to be a passive victim of junk mail and web hackers.
> 
[Thomas E Dukes] 
Same here!!


> All home-made solutions but effective and robust. Centos made all this
> possible (sincere thanks to the C-Team; they are all 'A*' rated).
> 
[Thomas E Dukes] 
Ditto!!

Thanks!!

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux