Apache issue with blocking IPs

[baggs1981]

I'm trying something which is really basic but since upgrading to Apache 2.2.17 no matter what I change in the config file:

/etc/httpd/conf/httpd.conf

I can not get it to deny any IPs. I have the below for example:

<Directory "/var/www/html">
Options +Indexes +FollowSymLinks
AllowOverride None
Order allow,deny
deny from MYIPHERE
Allow from all
<IfModule mod_suphp.c>
suPHP_Engine On
suPHP_UserGroup webapps webapps
</IfModule>
</Directory>

Basically I am trying to block IPs that look like making dodgy attempts at the server (I know adding to firewall is best etc but want to be able to add here as can update the config via the DA CP).

Any ideas why no matter what I do (even 'deny from all' makes no difference)

 

[scsi]

order deny,allow
deny from ip
allow from all

 

[baggs1981]

Thanks, but I had that before and hjave changed it to that now but still doesn't make a difference. I am using:

/etc/httpd/conf/httpd.conf

<Directory />
Options All
AllowOverride All
Order deny,allow
deny from [MYIP]
allow from all
</Directory>

then did 'apachectl restart'

But my IP can still see the websites fine (and dodgy IPs that I listed as deny are still showing in the logs).

Any suggestions please?

 

[Richard G]

deny from [MYIP]
allow from all

Should be:
allow from all
deny from [some ip]

If you are going to use it that way.
http://httpd.apache.org/docs/1.3/mod/mod_access.html

 

[scsi]

Not if you use deny,allow

 

[Richard G]

No in that case you should use allow,deny.

You can't do it the way he want's with deny,allow because the "allow from all" will override his "deny from his ip".