| Author |
Message |
fkelly
Moderator
Joined: Aug 30, 2005
Posts: 3186
Location: near Albany NY
|
 Posted:
Sat Aug 04, 2007 3:29 pm |
 
|
Yes I've searched 
Assuming that you've got NS set up with a htaccess path successfully. Now you want to ban specific countries (a lot of them). My understanding is that the way to do this is to import the countries to blocked ranges. I've done that but then checking htaccess they aren't written.
Looking at abbblockedrangeaddsave in the /admin/modules/nukesentinel directory it does appear to write to htaccess as well as to the blocked ranges table. So if I go into the blocked range menu and add a range "manually" by specifying IP addresses, presumably it will also write to htaccess. I like that because then the hackers never even get to Nuke.
However looking at: abimportblockedrange it appears to simply write to the blocked ranges table. This happens after you select countries from the menu and say to save them as blocked. There is no code in there for htaccess ... which kind of confirms what I'm seeing as results.
So my question: is this intentional? Would it create problems to also write these to htaccess? Or am I missing something and there is another step I'm supposed to take? Is there some other way that you are supposed to get IP2country ranges banned?
thanks in advance. |
|
|
 
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6044
|
| Posted:
Mon Aug 06, 2007 5:18 am |
|
I don't think importing to blocked ranges is intended to affect htaccess. I suppose that might be a nice enhancement, but I believe that htaccess is only updated when an attack is blocked. |
|
|
|
|
|
Doulos
Life Cycles Becoming CPU Cycles
Joined: Jun 06, 2005
Posts: 545
|
| Posted:
Mon Aug 06, 2007 7:16 am |
|
I believe importing to blocked ranges causes NS to block them, while .htaccess blocks them before they get to NS. |
|
|
|
|
|
fkelly
Moderator
Joined: Aug 30, 2005
Posts: 3186
Location: near Albany NY
|
| Posted:
Mon Aug 06, 2007 7:46 am |
|
That is true. I am just trying to see if that was the intent and whether there is a reason we don't want such ranges in htaccess or whether the NS author just ran out of time to do it. It would be better in many respects if the ranges were in htaccess (I think) but I may not have thought about any downsides. And I very much appreciate the fact that the software costs zero dollars and represents thousands of hours of free labor so this is not a complaint, just a question on my part to see if I'm missing something. |
|
|
|
|
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6044
|
| Posted:
Mon Aug 06, 2007 10:21 am |
|
No reason that I am aware of, but I'm not sure Bob ran out of time to do it. My guess is that it wasn't considered. The IPs are still blocked, just not by the server. |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::