Kroko Just another WordPress weblog

March 5, 2014

.htaccess file to block IP’s coming from Nginx reverse proxy

Filed under: Cpanel — admin @ 9:16 pm

If you have a Nginx reverse proxy in front of your Apache webserver the .htaccess format is:

# ALLOW USER BY IP
order deny,allow
SetEnvIF X-Forwarded-For "1.2.3.4" DenyIP
SetEnvIF X-Forwarded-For "10." DenyIP
Deny from env=DenyIP
 

You must use X-Forward or it will not work unless the reverse proxy is setup in a certain way. As you can see, just update the IP’s you want blacklisted and they will be blocked. Yes, you can do the same thing with a firewall, but webmasters don’t have control of those.

Why?
The reason I did this recently is because of a Nginx + cPanel server setup running shared hosting. When a domain gets caught spamming due to insecure scripts or it’s getting hammered by an exploit, it is best to suspend the domain. Yes, but then when the client wants to work on it, they can’t.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress