-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Albert McCann Sent: Sunday, August 28, 2016 2:01 PM To: 'CentOS mailing list' Subject: Re: [CentOS] .htaccess file
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org]
On
Behalf Of TE Dukes Sent: Sunday, August 28, 2016 10:36 AM
My home system on a DSL line is getting worn out by bad behavior robots.
Awhile back, I created a .htaccess file that block countries by IP
blocks.
Its 2MB in size.
...
So, today, I tried following the directions for apache.org website, https://httpd.apache.org/docs/current/howto/htaccess.html to move the .htaccess
What version of CentOS are you using?
For 7.x, and I think 6.x, there is a much simpler way of doing this, using mod_geoip from the Epel repository.
It rejects all unwanted HTTP connections using 403 responses. Here's an example geoip.conf file, which is what I'm using:
<IfModule mod_geoip.c> GeoIPEnable On GeoIPDBFile /usr/share/GeoIP/GeoIP.dat MemoryCache GeoIPOutput Env # Proxies SetEnvIf GEOIP_COUNTRY_CODE A1 BlockCountry #Country blocks SetEnvIf GEOIP_COUNTRY_CODE TR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE IR BlockCountry #... more countries using the two char country code </IfModule> ---- On C7 this file goes here /etc/httpd/conf.d/geoip.conf
Make sure that /etc/httpd/conf.modules.d/10-geoip.conf loads the library file, and is not remarked out with a #.
There is more info on mod_geoip here (but use the installation from Epel) though:
http://dev.maxmind.com/geoip/legacy/mod_geoip2/
I run a server for personal family purposes, and use this to block many of
the
places my family doesn't live...
Al McCann Certe, Toto, sentio nos in Kansate non iam adesse.
[Thomas E Dukes] Thanks,
I'll take a look at that as well. I am getting hit on several services but httpd is getting the majority.
Thanks!!