Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all,
Vanilla are planning an update to the site on April 24th (next Wednesday). It is a major PHP8 update which is expected to boost performance across the site. The site will be down from 7pm and it is expected to take about an hour to complete. We appreciate your patience during the update.
Thanks all.

Where to place .htaccess file?

  • 03-12-2013 9:33am
    #1
    v.e.r.b.a.l
    Registered Users Posts: 411 ✭✭


    Hi,

    I'm having issues with my website. Someone is logging on thousands of times and downloading stuff over and over and it's making my bandwidth go nuts. I'm trying to block a few IP addresses of the biggest offenders with a .htaccess file, but I'm not sure 100% how to do this?

    I create the file in a text doc and call it .htaccess with the following text in it: 
    # allow all except those indicated here
<Files *>
order 
allow,deny
allow from all
deny from xxx.xxx.xxx.xxx
deny from 
.*example\.com.*
</Files>
    But where do I upload the text file to? I use wordpress hosted by a Register365 account. In "File Manager" in my Register365 Control Panel, there is a "Web" and "Logs" folder in the root directory.

    Any ideas where I should upload this file to and am I going about this in the correct way?

    Thanks!


Comments

  • #2
    Graham
    Moderators, Society & Culture Moderators Posts: 17,642 Mod ✭✭✭✭Graham


    In the root of your web site, it may be called something like public_html. It's the folder where your websites root default.php sits.

    Take a look at cloudflare.com too, you may be able to block the offender before he even hits your server/site.


  • #3
    v.e.r.b.a.l
    Registered Users Posts: 411 ✭✭v.e.r.b.a.l


    Thanks. Still not 100% how to block these guys. I looked at my Visitor Stats and picked the two IP addresses that are most frequent and causing the most kb.

    I read that adding a .htaccess file could stop these guys having access to my site. Looks like they could be some sort of bot that's downloading a 1mb picture file over and over again. I've replaced the picture with a flickr embedded image now instead, but my bandwidth is still climbing again this month (0.8gb in a day!!).

    I'm still not sure where to place the file though. In my File Manager, I found "default.po" and "default.mo", but no php version. It's in web>wp-content>themes>scope. Scope is the name of the wordpress theme that I use at the moment. Is this the correct spot to place the htaccess file?


  • #4
    Graham
    Moderators, Society & Culture Moderators Posts: 17,642 Mod ✭✭✭✭Graham


    Instead of putting it in:

    web>wp-content>themes>scope

    just put it in the root:

    web


  • #5
    v.e.r.b.a.l
    Registered Users Posts: 411 ✭✭v.e.r.b.a.l


    Great. Thanks Graham!

    So, if i put in the two IP addresses that were causing most of the kb to be downloaded, that would probably cull the bandwidth yeah?

    Thanks for the help!


  • #6
    jmcc
    Registered Users Posts: 7,285 ✭✭✭jmcc


    v.e.r.b.a.l wrote: »
    Great. Thanks Graham!

    So, if i put in the two IP addresses that were causing most of the kb to be downloaded, that would probably cull the bandwidth yeah?

    Thanks for the help!
    Do a WHOIS lookup on the IP addresses. They may be search engines.

    Regards...jmcc


  • Advertisement
  • #7
    v.e.r.b.a.l
    Registered Users Posts: 411 ✭✭v.e.r.b.a.l


    jmcc wrote: »
    Do a WHOIS lookup on the IP addresses. They may be search engines.

    Regards...jmcc

    Thanks. Did that and it says the big one is TurkTelecom in Hungary. Probably the one I'm looking to block. Dunno why else I'd have such huge traffic from Hungary. I'm not very sure about how to figure out who the culprit is for definite, so I'm thinking of blocking the top 2 IP addresses that used the most kbs in the hope that my bandwidth will calm down.

    Is there another way?


  • #8
    jmcc
    Registered Users Posts: 7,285 ✭✭✭jmcc


    v.e.r.b.a.l wrote: »
    Thanks. Did that and it says the big one is TurkTelecom in Hungary. Probably the one I'm looking to block. Dunno why else I'd have such huge traffic from Hungary. I'm not very sure about how to figure out who the culprit is for definite, so I'm thinking of blocking the top 2 IP addresses that used the most kbs in the hope that my bandwidth will calm down.
    Deep six all IPs from those ranges if you have no legitimate traffic from them.
    Is there another way?
    You can block at IP level on dedicated servers by .htaccess might be better if it is shared hosting. The alternative is to use httpd.conf (this option might not be available on shared hosting).

    Regards...jmcc


  • #9
    jmcc
    Registered Users Posts: 7,285 ✭✭✭jmcc


    Just thinking about this, it might be better to use an IP level ban if you can do this or the httpd.conf. This is because, from what I remember, the .htaccess file is parsed every time the directory is loaded. If it is a complex file and the site is a high traffic site, it might put unnecessary load on the server.

    Regards...jmcc


  • #10
    Graham
    Moderators, Society & Culture Moderators Posts: 17,642 Mod ✭✭✭✭Graham


    I mentioned it in passing earlier, take a look at cloudflare.com. It takes about 2 minutes to setup, just involves repointing your ns records at the cloudflare servers.

    You can then block specific IP's from even getting to your server, it also includes some automated threat detection to reduce the chances of it happening again. One of the biggest bonuses, the free service will do all of this so no need to dig into the pockets.

    Disclosure: nothing to disclose, just a satisfied customer.


Advertisement