0

Let's say I have a file list_of_naughty_ip_blocks.conf. Can I use the include directive to achieve the equivalent of line 8 below in my httpd.conf? If so, what is the proper syntax? Anything to note about the formatting & syntax of list_of_naughty_ip_blocks.conf?

SetEnvIfNoCase User-Agent "FNetwork" UnwantedRobot
SetEnvIfNoCase User-Agent "NG 1.x" UnwantedRobot
SetEnvIfNoCase User-Agent "larbin" UnwantedRobot

<Directory "/var/www/">
    Order Allow,Deny
    Allow from all
    Deny from env=UnwantedRobot
    Deny from "list_of_naughty_ip_blocks.conf"
</Directory>

Edited for clarity.

Owen Blacker
  • 631
  • 1
  • 8
  • 20
Ferdinand.Bardamu
  • 1
  • 1

3 Answers3

1

Just have the "Deny from" keyphrase in the include file:

<Location /secret/>
  Order Allow,Deny
  Allow from all
  Deny from env=UnwantedRobot
  Include conf.d/moredeny.inc
</Location>

In moredeny.inc

Deny from 192.168.1.1
Deny from 192.168.66.1
Deny from 192.168.1.1
HampusLi
  • 3,478
  • 17
  • 14
0

http://httpd.apache.org/docs/2.0/mod/core.html#include

ceving
  • 534
  • 4
  • 26
  • Yes, I read that but it didn't directly answer my question, which is about the syntax. I take it you think what I proposed will work just fine? – Ferdinand.Bardamu Sep 13 '11 at 08:32
0

A 'dirty' way is use sed to append a line after env=UnwantedRobot pattern. Assuming that you have the following in httpd.conf:

<Directory "/var/www/">
    Order Allow,Deny
    Allow from all
    Deny from env=UnwantedRobot
</Directory>

and the ip.txt file includes:

1.2.3.4
5.6.7.8

run the following command:

$ while read ip; do sed -i '/env=UnwantedRobot/ a\ 
                    \tDeny\ from\ '"$ip"'' httpd.conf; done < ip.txt

you will get the results:

<Directory "/var/www/">
    Order Allow,Deny
    Allow from all
    Deny from env=UnwantedRobot
    Deny from 5.6.7.8
    Deny from 1.2.3.4
</Directory>
  • -i means edit file in place
  • a stand for append
quanta
  • 51,413
  • 19
  • 159
  • 217