Composr: apache access DENY vs REQUIRE NOT IP
Posted: Tue May 21, 2019 3:46 pm
Hello,
right now the composr system works with the apache2 webserver but if you upgrade to apache2.4+ you will need to also use the "access_compat" module as some of apache language has changed.
I am using the "apache ultimate bad bot blocker"
https://github.com/mitchellkrogza/apach ... ot-blocker
I am using the new version of the bad bot blocker which uses the new apache language, and "access_compat" module is not used…. so to fix…
copy /sources/failure.php to /sources_custom/failure.php
edit /sources_custom/failure.php
find the function add_ip_ban around line 754 or so.
replace the 'deny ' with 'Require not ip ' in 4 locations.
find the function remove_ip_ban
replace the 'deny ' with 'Require not ip ' in 2 locations.
edit your /.htaccess
towards the very bottom change so it looks something like this:
reload your website to make sure the .htaccess is OK
I have not tested the failure.php but assume that bit will work.
NOTE: check other .htaccess files in other directories and update if needed
https://compo.sr/forum/topicview/browse ... eny-vs.htm
right now the composr system works with the apache2 webserver but if you upgrade to apache2.4+ you will need to also use the "access_compat" module as some of apache language has changed.
I am using the "apache ultimate bad bot blocker"
https://github.com/mitchellkrogza/apach ... ot-blocker
I am using the new version of the bad bot blocker which uses the new apache language, and "access_compat" module is not used…. so to fix…
copy /sources/failure.php to /sources_custom/failure.php
edit /sources_custom/failure.php
find the function add_ip_ban around line 754 or so.
replace the 'deny ' with 'Require not ip ' in 4 locations.
find the function remove_ip_ban
replace the 'deny ' with 'Require not ip ' in 2 locations.
edit your /.htaccess
towards the very bottom change so it looks something like this:
Code: Select all
<RequireAll>
Require all granted
# IP bans go here (leave this comment here! If this file is writeable, Composr will write in IP bans below, in sync with its own DB-based banning - this makes DOS/hack attack prevention stronger)
# Require not ip xxx.xx.x.x (leave this comment here!)
Require not ip 212.7.220.20
</RequireAll>
I have not tested the failure.php but assume that bit will work.
NOTE: check other .htaccess files in other directories and update if needed
https://compo.sr/forum/topicview/browse ... eny-vs.htm