Skip to content

Instantly share code, notes, and snippets.

@mnyrop

mnyrop/apache2-block-ips.md

Created November 19, 2020 22:31
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mnyrop/9e3be1b4855ea29906d86941de9368d4 to your computer and use it in GitHub Desktop.
Save mnyrop/9e3be1b4855ea29906d86941de9368d4 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
apache2-block-ips.md

blacklist ips with apache conf (instead of .htaccess)

setup/enable ip blacklist (only once!)

  • edit apache conf to use blacklist using command /etc/apache2/apache2.conf. add the following lines: 
    # Block ip addresses in our ipblacklist.conf file
<Location />
   <RequireAll>
      Require all granted
      Include /etc/apache2/ipblacklist.conf
   </RequireAll>
</Location>

add to existing blacklist (as needed)

  • create/edit blacklist file using the command sudo nano /etc/apache2/ipblacklist.conf. for each address you want to block, create a line with Require not ip <address>, e.g., Require not ip 101.230.240.3. You can also add multiple addresses on one line separated by spaces, but it's harder to change/manage later.

(thanks to https://confluence.jaytaala.com/display/TKB/Securing+Apache+and+blocking+a+list+of+ip+addresses)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment