Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Where to place .htaccess file?

  • 03-12-2013 8:33am
    #1
    Registered Users, Registered Users 2 Posts: 411 ✭✭


    Hi,

    I'm having issues with my website. Someone is logging on thousands of times and downloading stuff over and over and it's making my bandwidth go nuts. I'm trying to block a few IP addresses of the biggest offenders with a .htaccess file, but I'm not sure 100% how to do this?

    I create the file in a text doc and call it .htaccess with the following text in it:
    # allow all except those indicated here
    <Files *>
    order 
    allow,deny
    allow from all
    deny from xxx.xxx.xxx.xxx
    deny from 
    .*example\.com.*
    </Files>
    
    But where do I upload the text file to? I use wordpress hosted by a Register365 account. In "File Manager" in my Register365 Control Panel, there is a "Web" and "Logs" folder in the root directory.

    Any ideas where I should upload this file to and am I going about this in the correct way?

    Thanks!


Comments

  • Moderators, Society & Culture Moderators Posts: 17,643 Mod ✭✭✭✭Graham


    In the root of your web site, it may be called something like public_html. It's the folder where your websites root default.php sits.

    Take a look at cloudflare.com too, you may be able to block the offender before he even hits your server/site.


  • Registered Users, Registered Users 2 Posts: 411 ✭✭v.e.r.b.a.l


    Thanks. Still not 100% how to block these guys. I looked at my Visitor Stats and picked the two IP addresses that are most frequent and causing the most kb.

    I read that adding a .htaccess file could stop these guys having access to my site. Looks like they could be some sort of bot that's downloading a 1mb picture file over and over again. I've replaced the picture with a flickr embedded image now instead, but my bandwidth is still climbing again this month (0.8gb in a day!!).

    I'm still not sure where to place the file though. In my File Manager, I found "default.po" and "default.mo", but no php version. It's in web>wp-content>themes>scope. Scope is the name of the wordpress theme that I use at the moment. Is this the correct spot to place the htaccess file?


  • Moderators, Society & Culture Moderators Posts: 17,643 Mod ✭✭✭✭Graham


    Instead of putting it in:

    web>wp-content>themes>scope

    just put it in the root:

    web


  • Registered Users, Registered Users 2 Posts: 411 ✭✭v.e.r.b.a.l


    Great. Thanks Graham!

    So, if i put in the two IP addresses that were causing most of the kb to be downloaded, that would probably cull the bandwidth yeah?

    Thanks for the help!


  • Registered Users, Registered Users 2 Posts: 7,521 ✭✭✭jmcc


    Great. Thanks Graham!

    So, if i put in the two IP addresses that were causing most of the kb to be downloaded, that would probably cull the bandwidth yeah?

    Thanks for the help!
    Do a WHOIS lookup on the IP addresses. They may be search engines.

    Regards...jmcc


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 411 ✭✭v.e.r.b.a.l


    jmcc wrote: »
    Do a WHOIS lookup on the IP addresses. They may be search engines.

    Regards...jmcc

    Thanks. Did that and it says the big one is TurkTelecom in Hungary. Probably the one I'm looking to block. Dunno why else I'd have such huge traffic from Hungary. I'm not very sure about how to figure out who the culprit is for definite, so I'm thinking of blocking the top 2 IP addresses that used the most kbs in the hope that my bandwidth will calm down.

    Is there another way?


  • Registered Users, Registered Users 2 Posts: 7,521 ✭✭✭jmcc


    Thanks. Did that and it says the big one is TurkTelecom in Hungary. Probably the one I'm looking to block. Dunno why else I'd have such huge traffic from Hungary. I'm not very sure about how to figure out who the culprit is for definite, so I'm thinking of blocking the top 2 IP addresses that used the most kbs in the hope that my bandwidth will calm down.
    Deep six all IPs from those ranges if you have no legitimate traffic from them.
    Is there another way?
    You can block at IP level on dedicated servers by .htaccess might be better if it is shared hosting. The alternative is to use httpd.conf (this option might not be available on shared hosting).

    Regards...jmcc


  • Registered Users, Registered Users 2 Posts: 7,521 ✭✭✭jmcc


    Just thinking about this, it might be better to use an IP level ban if you can do this or the httpd.conf. This is because, from what I remember, the .htaccess file is parsed every time the directory is loaded. If it is a complex file and the site is a high traffic site, it might put unnecessary load on the server.

    Regards...jmcc


  • Moderators, Society & Culture Moderators Posts: 17,643 Mod ✭✭✭✭Graham


    I mentioned it in passing earlier, take a look at cloudflare.com. It takes about 2 minutes to setup, just involves repointing your ns records at the cloudflare servers.

    You can then block specific IP's from even getting to your server, it also includes some automated threat detection to reduce the chances of it happening again. One of the biggest bonuses, the free service will do all of this so no need to dig into the pockets.

    Disclosure: nothing to disclose, just a satisfied customer.


Advertisement