| Author |
Message |
slackervaara
Worker
Joined: Aug 26, 2007
Posts: 236
|
 Posted:
Wed Jul 16, 2008 6:23 am |
|
To block hackers that are often behind a proxy from my site, I have added this to my .htaccess:
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^.* - [F]
After this Sentinel is rarely actvated anylonger. Unfortunately, one member canĀ“t access the site from her job at a govermental organization. I suggested that she try to access the site through a web proxy, like http://www.the-cloak.com/ . But she are not allowed to access these type of sites either. Do anyone have an idea how she could access my site from her job? |
| |
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Wed Jul 16, 2008 10:29 am |
|
Make a special condition for her IP range, that's the only way I see to do it. |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
slackervaara
|
| Posted:
Wed Jul 16, 2008 10:55 am |
|
I have this in .htaccess to stop ip-addresses from Turkey, but I have shortened it a lot.
<Limit GET HEAD POST>
order allow,deny
deny from 62.29.0.0/17
deny from 62.68.192.0/19
allow from all
</LIMIT>
Do you mean I should add her range to this?
<Limit GET HEAD POST>
order allow,deny
deny from 62.29.0.0/17
deny from 62.68.192.0/19
allow from her ip-range
allow from all
</LIMIT> |
| |
|
|
|
|
slackervaara
|
| Posted:
Mon Aug 04, 2008 2:13 am |
|
I have Googled and found this suggestion to unblock a certain domain, although it seems not to be tested in action:
RewriteCond %{HTTP_REFERER} !.*allowedproxydomain.com.*
Will it work? |
| |
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6437
|
| Posted:
Mon Aug 04, 2008 10:22 am |
|
You could try - it won't block your FTP access, so you can remove it if it doesn't. |
_________________
I search, therefore I exist...
Only registered users can see links on this board! Get registered or login! |
|
|
|
|
slackervaara
|
| Posted:
Wed Aug 06, 2008 10:35 pm |
|
It did not work and I tried this:
RewriteCond %{HTTP_REFERER} !.*www.site.com.*
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]
I also tried this line with the same result:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?site\.com
www.site.com was the domain name I wanted to allow to my site |
| |
|
|
|
|
evaders99
|
| Posted:
Wed Aug 06, 2008 11:07 pm |
|
That is to detect certain conditions by passing in the referer.
Are you sure the governmental organization has not blocked access on their end? Often it is a global firewall and/or blacklist. |
| |
|
|
|
|
slackervaara
|
| Posted:
Thu Aug 07, 2008 12:31 am |
|
I am now sure that it did not work, because when I removed the proxy blocker lines from .htaccess, she could access the site from her work. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
