Filtering IPs

[TexasOwnzYou]

Here's the deal.

I have this page on my site, but I want only a certain range of IPs to be able to access it.

I dont know too much HTML, but how would i go about doing this?

btw, i made my site in frontpage.

thanks

 

[dustin_c1]

If you are running the apache web server, just add these lines to your .htaccess file

order deny, allow
deny from all
allow from 66.124.
allow from .rr.com


If you don't enter a full IP address, it will allow from the entire range. In other words, 66.124. = 66.124.xxx.xxx. It works similarly for domains. Any subdomain of rr.com will be allowed access.

 

[blacklab]

you can write a script in perl or javascript to check the ip of the browser and redirect the person somewhere else.

in perl
$ip = $ENV{REMOTE_ADDR};
if ($ip !~ /xxx.xxx.xxx.xxx/){
print "Location: goaway.com nn";
}

javasript/ssi
<script language="javascript">
var ip = '<!--#echo var="REMOTE_ADDR"-->'
if (ip != "xxx.xxx.xxx.xxx"){
window.location = "goaway.com";
}
</script>

 

[TexasOwnzYou]

i dont know if my host uses apache or whatnot.

in javascript, how do i ban/allow a range of ips?

In reply to:

---

---

 

[dustin_c1]

A series of conditionals? OH GOD NO! You use pattern matching, or regular expressions.

Google the String::match method for javascript.

Your code will look something like this:


var ip = // put code to get the IP address
var ipRange = /66.34.*/;

if (!ip.match(ipRange)) {
// deny
}

This is tricky if you aren't familiar with regexp. A period (".") means "match any one character." To match a period, you have to escape it by adding a "" character. So, to match a period, you need "."

An asterisk, matches any number of character.

So /66.34.*/ means "match the IP address with 66.34. and anything else."

Oh, and if this is important to keep private, DO NOT use the javascript method. The javascript method won't protect your HTML files from anyone even moderately technically inclined. Also, some users may have javascript turned off by default, and your method of keeping them out just won't work.

 

[Bob Wills]

If you're talking about the same webserver that is hosting your sig images, then it's a Debian box running Apache.

 

[TexasOwnzYou]

how would i access the '.htaccess' file?

i cant see it by ftping to it. i dont reall know how to ssh or anything :/

can i just create a txt file and rename it to .htaccess and will it do the trick?

EDIT: just tried doing that and windows is being bitchy to create a file w/o a name and just an extension :/

 

[Bob Wills]

Logging into the shell via ssh is not too bad. Check out the free PuTTY client.

Many unix servers include text editing tools such as vi, joe, and pico. Type those commands and see if any work on your server. pico and joe are probably the easiest to use right away, but vi is pretty powerful if you end up doing a lot of file editing in unix.


After you use ssh to access the server...

[you@yourserver] $ ls -al

[you@yourserver] $ cd (wherever your files/directories are located)

[you@yourserver] $ pico .htaccess


Alternatively, yes, you may be able to create htaccess.txt, ftp it over, and then rename it to .htaccess

 

[TexasOwnzYou]

cool

i could copy over the .txt file and rename it.

but.......


here is what i have in it now


order deny, allow
deny from all
allow from 129.116.
allow from .utexas.edu

now, i cant access the site and i live on campus :/ (and my ip starts with those #'s)

i also tried w/o the IP line and still the same result. what am i doing wrong ? :/

 

[dustin_c1]

Try getting rid of the space. I think Apache is choking on that.

Do:

order deny,allow
deny from all
allow from 129.116.
allow from .utexas.edu

 

[TexasOwnzYou]

nice!! it works!!! thanks to everyone that helped.

btw, is it possible to fwd them to a seperate page if their IP is in the blocked range?

my host puts up a "FORBIDDEN" page, but i'd like something a little friendlier.

EDIT :

nm, figured it out using ErrorDocument 403

thanks a bunch for the help!

 

[dustin_c1]

Add this line you your .htaccessfile and create a file in your web root directory called forbidden.html

ErrorDocument 403 /forbidden.html

Or you can even inline html.

Try:

ErrorDocument 403 "<html><body>You aren't me, so bugger off</p></body></html>