[CentOS] .htaccess file

Mon Aug 29 17:49:41 UTC 2016
Always Learning <centos at u68.u22.net>


Hi,

> My home system on a DSL line is getting worn out by bad behavior robots. 
> 
> Awhile back, I created a .htaccess file that block countries by IP blocks.
> Its 2MB in size.

Do you control your home server ?  If so, then .htaccess is the wrong
solution, because you need to incorporate blockages in your IP Tables
firewall and then use your Apache configuration file to restrict any
remaining unwanted visitors.

.htaccess (its possible in Apache to rename it) is inefficient and
suitable as a second-rate solution when you are using a hosted service
and lack full control of the server. VPSs are cheap and a better
alternative to hosted mail and web.

On my servers (C5 and C6) in IP Tables, I have three sets of blockages:

* permanent for all ports
* only for web (port 80)
* only for emails (port 25)

In web and emails there is a permanent table plus a monthly one (one for
every month). Perpetual pests go in the permanent tables and irritants
in the monthly table - otherwise the banned IPs entries would get too
large. 

A compromised computer trying to send me junk mail or trying to wrongly
access a web page or attempting to break-in to SQL (instantly identified
and IP instantly blocked because I impose string size limits for
the ?key=....) has its IP added to the monthly list and remains there
until one month after the last access from that IP address.

I am unwilling to be a passive victim of junk mail and web hackers. 

All home-made solutions but effective and robust. Centos made all this
possible (sincere thanks to the C-Team; they are all 'A*' rated).



-- 
Regards,

Paul.
England, EU.      England's place is in the European Union.