[SOLVED] Pretty URLs and Apache 2.4
Posted: Sun Jul 06, 2014 8:14 am
Hi Guys,
I hope someone can point me in the right direction to two simple questions.
Using CMS 1.11.10 and have been subjected to a DDOS attack for the last 10 days (but the attack is a different story!). While working with my ISP to block the attack they modified the .htaccess file by inserting:
order deny, allow
deny all
allow xx.xx.xx.xx
where xx.xx.xx.xx is my IP address. Note that they did not insert it as the first line of the file. This meant my website was reporting error 403 ('Forbidden') to all viewers (basically it was 'off-line'). That was fine as before the ISP did that, we had exceeded our bandwidth limit for a whole month in about 4 days (peak was 863MB per day!). The need to be 'off-line was understood fully.
Now the problem - last night at about 18:00, the ISP updated their webserver to Apache 2.4 and the bandwidth used by the website immediately quadrupled. It turns out there was an incompatibilty between the .htaccess code I was using for pretty URLs, the 'order deny,allow' code they had inserted such that the site was no longer giving the 403 error, as well as Apache 2.4 and the site was now 'live' again. Once we had bottomed that incompatibilty, they just put in a plain .htaccess file with the single line of
Require ip xx.xx.xx.xx
where xx.xx.xx.xx is my IP Address.
Now of course, the website doesn't work as the pretty URLs .htaccess commands have been removed. Now the simple questions:
1. My original .htaccess file was created several years ago using the step by step instructions given on the CMS Made Simple advice pages. So, is the sample file 'htaccess.txt' from the CMS doc folder compatible with Apache 2.4 please?
2. When adding a 'require ip xx.xx.xx.xx' command to the .htaccess file, should it be the very first line of the .htaccess file?
Any answers would be very much appreciated and thanks in advance.
Mike Lyne
I hope someone can point me in the right direction to two simple questions.
Using CMS 1.11.10 and have been subjected to a DDOS attack for the last 10 days (but the attack is a different story!). While working with my ISP to block the attack they modified the .htaccess file by inserting:
order deny, allow
deny all
allow xx.xx.xx.xx
where xx.xx.xx.xx is my IP address. Note that they did not insert it as the first line of the file. This meant my website was reporting error 403 ('Forbidden') to all viewers (basically it was 'off-line'). That was fine as before the ISP did that, we had exceeded our bandwidth limit for a whole month in about 4 days (peak was 863MB per day!). The need to be 'off-line was understood fully.
Now the problem - last night at about 18:00, the ISP updated their webserver to Apache 2.4 and the bandwidth used by the website immediately quadrupled. It turns out there was an incompatibilty between the .htaccess code I was using for pretty URLs, the 'order deny,allow' code they had inserted such that the site was no longer giving the 403 error, as well as Apache 2.4 and the site was now 'live' again. Once we had bottomed that incompatibilty, they just put in a plain .htaccess file with the single line of
Require ip xx.xx.xx.xx
where xx.xx.xx.xx is my IP Address.
Now of course, the website doesn't work as the pretty URLs .htaccess commands have been removed. Now the simple questions:
1. My original .htaccess file was created several years ago using the step by step instructions given on the CMS Made Simple advice pages. So, is the sample file 'htaccess.txt' from the CMS doc folder compatible with Apache 2.4 please?
2. When adding a 'require ip xx.xx.xx.xx' command to the .htaccess file, should it be the very first line of the .htaccess file?
Any answers would be very much appreciated and thanks in advance.
Mike Lyne