Block Host String Wild Card with .htaccess?

Hello,

I was wondering if it was possible to block a wild card in a host string from accessing a site by using .htaccess?

As an example, in “cache-ntc-ac01.proxy.aol.com”, I’d want to block ntc. If it’s possible and anyone has the code to make it happen, that’d be great.

(That’s not the host string I want to block… I realize it’s a proxy. Simply for example purposes. :))

Any help would be appreciated.

Thanks,

Patrick

Have a look here, I think you’ll find what you’re after:

http://httpd.apache.org/docs/2.0/mod/mod_access.html#deny

You’ll want to be extremely thoughtful about this. It’s possible, as this Apache doc example shows

RewriteCond %{REMOTE_HOST} ^host1.* [OR]
RewriteCond %{REMOTE_HOST} ^host2.* [OR]
RewriteCond %{REMOTE_HOST} ^host3.*
RewriteRule …some special stuff for any of these hosts…
Note the regex
begins with string “host1” followed by zero or more of any character.
I don’t think it would be a good idea to block all hosts that contained such a short string as “ntc”, the chances are that there will be “good” hosts that match the pattern.
but if you feel confident that the regex pattern you come up with will match the target host and only the target host, I guess you could do it.
Personally, I block by IP not remote host.

You can use mod_rewrite, but if possible, stick with mod_access, its much less resource intensive.

Thanks for the replies. :slight_smile:

I realize the consequences of blocking wild cards. The string is not something like ntc. :slight_smile: But, I appreciate the concern.

I usually ban by IP, too, but this guy is an idiot. His IPs always change, but he has a very descriptive bit in his host string that most people don’t have, so I want to give that a try.

So, what would the code me if I just wanted to deny access to a host string with longdescriptiveword in it? The bit of text has letters/numbers both before and after it. I took a look at the link above, but I didn’t see anything about dealing with a wild card like this.

I appreciate your assistance.

Thanks,

Patrick

I guess you can’t post the exact example, but say it’s alpha-nums followed by “longdescriptivestring” followed by alpha-nums. Then the regex could be something like
[1]+longdescriptivestring[a-zA-Z0-9]+$
starts with 1 or more alpha-num chars followed by the string “longdescriptivestring” ending with 1 or more alpha-num chars
It would be better to use ranges if you can instead of “1 or more” if the alpha-num portions consistantly contain a certain number of characters. And be sure if there are other characters to include them in the expression too. For example, if the “longdescriptivestring” is always separated from the lead and tail portions by underscores then use “longdescriptivestring” for the string. If it’s always underscores or tildes then add the pattern to the expression. eg
[2]+[|~]longdescriptivestring[|~][a-zA-Z0-9]+$
Only you know what you’ve been dealing with so it’s up to you to fine tune the regex so this guy will always be blocked and no one else. But as long as the “longdescriptivestring” is consistantly used and assuredly unique you should be OK.


  1. a-zA-Z0-9 ↩︎

  2. a-zA-Z0-9 ↩︎

iF,

Pretty good answer from Mitt but don’t bother with the parts that you don’t need to match as that’s the same as eliminating them AND the start/end anchor (and MUCH less processor intensive). The message: Don’t match what you don’t need. The rest is EXCELLENT.

Regards,

DK

Hey guys,

Thanks for the replies. I appreciate them. Please know that I don’t know anything when it comes to this stuff. Like, what dklynn said doesn’t make any sense to me. I don’t know what parts do that or what parts don’t or what it even means. A lot of what everyone has said doesn’t make sense to me. Not anyones fault outside of my own, but I just wanted to go ahead and say it.

How would I structure that in an .htaccess file, Mittineague?

Order Deny,Allow
Deny from [1]+longdescriptivestring[a-zA-Z0-9]+$

? I’m sure that’s wrong, but I just don’t know. :slight_smile:

The string is like this:

abc1-longdescriptiveword12-9573514315.dsl.isp.net

This person has been posting comments on my blogs for a while and his host string structure was the same for a while (it had longdescriptiveword in it), but then his host string structure changed to the above. It’s been that way for a few months. Since that point, the string seems to stay the same except for the “9573514315” part which seems to change. So, I suppose we could try to block longdescriptiveword12 instead of just longdescriptiveword (or something more specific with that number string being the random part if you guys have a suggestion there). Any suggestions would be great. If you could put them in the form they’d need to be in in the .htaccess file, I would greatly appreciate that, as well.

Sending the guy to 404 would be preferable, but I’ll take 403, if that’s simpler. :slight_smile:

Again, I appreciate the help and I apologize for my lack of experience/understanding with this sort of thing.


  1. a-zA-Z0-9 ↩︎

iF,

Within .htaccess,

RewriteCond %{REMOTE_HOST} longdescriptiveword
RewriteRule .? - [F]

… would do the trick.

IF you have access to the httpd.conf file, however, better to use a more global (and read ONCE) Directory directive which applies to your server:

<Directory "{local/path/to/DocumentRoot}">

#
# Possible values for the Options directive are "None", "All",
# or any combination of:
#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important.  Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
    Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
#
    AllowOverride All

#
# Controls who can get stuff from this server.
#
    Order allow,deny
    Allow from all
    Deny from longdescriptivestring

</Directory>

I kept that in the format I have it in my test server’s httpd.conf file to help you find it.

As explanation of my above comment, it’s a “regex thing” that your processing will go faster if you don’t do what’s not necessary. In other words, if you don’t care what’s before longdescriptivestring, DON’T look for it. Same with whatever comes after longdescriptivestring. Since the ^ marks the start of the string and $ marks the end of the string, you don’t need those either! ALL YOU CARE ABOUT IS THAT THE REMOTE_HOST CONTAINS longdescriptivestring!

Regards,

DK

Ok, great. I’ll try that. Many thanks. :slight_smile: