[CentOS] .htaccess file

Sun Aug 28 21:35:53 UTC 2016
TE Dukes <tdukes at palmettoshopper.com>


> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Albert McCann
> Sent: Sunday, August 28, 2016 2:01 PM
> To: 'CentOS mailing list'
> Subject: Re: [CentOS] .htaccess file
> 
> > -----Original Message-----
> > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org]
> On
> > Behalf Of TE Dukes
> > Sent: Sunday, August 28, 2016 10:36 AM
> 
> > My home system on a DSL line is getting worn out by bad behavior robots.
> 
> > Awhile back, I created a .htaccess file that block countries by IP
blocks.
> > Its 2MB in size.
> 
> ...
> > So, today, I tried following the directions for apache.org website,
> > https://httpd.apache.org/docs/current/howto/htaccess.html to move the
> > .htaccess
> 
> What version of CentOS are you using?
> 
> For 7.x, and I think 6.x, there is a much simpler way of doing this, using
> mod_geoip from the Epel repository.
> 
> It rejects all unwanted HTTP connections using 403 responses. Here's an
> example geoip.conf file, which is what I'm using:
> 
> ----
> <IfModule mod_geoip.c>
>   GeoIPEnable On
>   GeoIPDBFile /usr/share/GeoIP/GeoIP.dat MemoryCache
>   GeoIPOutput Env
> # Proxies
>   SetEnvIf GEOIP_COUNTRY_CODE A1 BlockCountry #Country blocks
>   SetEnvIf GEOIP_COUNTRY_CODE TR BlockCountry
>   SetEnvIf GEOIP_COUNTRY_CODE IR BlockCountry #... more countries using
> the two char country code </IfModule>
> ----
> On C7 this file goes here /etc/httpd/conf.d/geoip.conf
> 
> Make sure that /etc/httpd/conf.modules.d/10-geoip.conf loads the library
> file, and is not remarked out with a #.
> 
> There is more info on mod_geoip here (but use the installation from Epel)
> though:
> 
> http://dev.maxmind.com/geoip/legacy/mod_geoip2/
> 
> I run a server for personal family purposes, and use this to block many of
the
> places my family doesn't live...
> 
> Al McCann
> Certe, Toto, sentio nos in Kansate non iam adesse.
[Thomas E Dukes] 
Thanks,

I'll take a look at that as well. I am getting hit on several services but
httpd is getting the majority.

Thanks!!