How do I use htaccess to redirect a bunch IPs to a text file on my server?
October 26, 2006 1:30 PM   Subscribe

Using htaccess, I'd like to redirect all requests from a random set of IPs to a text file explaining that the IP has been banned. What would be the easiest and most efficient way to do this?

I'm trying to stop splogs and comment spammers from ever reaching my server. I know I can simply block them using deny, allow rules, but I don't want to just block -- I want potential innocents to be directed to a note just in case I get overzealous in my blocking.
posted by maxpower to Computers & Internet (5 answers total)
A common way of doing this is:

<Directory /docroot>
RewriteEngine on
RewriteCond %{REMOTE_ADDR} 10\.0\.0\.3
RewriteRule ^index.html$ special_index.html [L]

Mind you, this would be used in an httpd.conf file, so in a .htaccess file, you remove the <Directory> tags. The IP address is a regular expression, so you could append the multiple addresses in that line; alternatively, you could use the "[OR]" flag:

RewriteCond %{REMOTE_ADDR} 192\.168\.0\.1 [OR]
RewriteCond %{REMOTE_ADDR} 192\.168\.10\.5 [OR]
RewriteCond %{REMOTE_ADDR} 192\.168\.100\.50
RewriteRule ^index.html$ special_index.html [L]
posted by bachelor#3 at 3:50 PM on October 26, 2006

Or using the rather more suitable mod_access:

ErrorDocument 403 denied.html
Order Deny, Allow
Deny from 252.121.41

posted by Freaky at 6:20 PM on October 26, 2006

Oops, better make that ErrorDocument:

ErrorDocument 403 /denied.html

Since it's a URL in that form. You can also use a string if you like:

ErrorDocument "Your IP is blocked. Contact maxpower if you aren't a dirty rotten spammer."

Using mod_rewrite for this sort of thing is rather like using a sword to spread butter. It works (mostly), but swords are meant for bigger things, where the benefits outweigh the risk of cutting off an arm because of a misplaced backslash.
posted by Freaky at 6:46 PM on October 26, 2006

You don't have your website in your profile, and you don't mention if you are using a package like Wordpress or the like for the site. But, if you are using Wordpress, Drupal, or another PHP-based system, check out Bad Behavior. It's done amazing things for the sites I host. What little comment spam I receive is caught by Asimet.
posted by jeversol at 5:57 AM on October 27, 2006

Response by poster: Thanks for everyone's input. I'll check out the suggestions. I have no problems at all stopping spam on my website. However, I also have a few splogs that steal via the RSS feed. As far as I know, IP blocking is the only way to stop these guys.
posted by maxpower at 6:21 PM on October 27, 2006

« Older Friend + kiss = now + history   |   I'm a Devo-ted fan of this idea... Newer »
This thread is closed to new comments.