After extensive searching, I actually found my answer in the archive here....I needed to put the deny rules in a <Location> tag in httpd.conf rather than VirtualHost, Directory, or .htaccess.
Thanks everyone, Aaron On 12/6/07 12:32 PM, "fredk2" <[EMAIL PROTECTED]> wrote: > > > Hi, > > Any reasons as to why not set the directives in the httpd.conf instead of > .htaccess ? > .htaccess only matters to requests for the directory it is in. > > Fred > > Aaron Brown-5 wrote: >> > >> > I've been trying to block the litefinder malicious bot which scours our >> > site >> > every day and tries to access pages with the incorrect case, thus causing >> > crazy amounts of errors to get thrown. >> > >> > We have an Apache 2.2.4 front end using mod_jk to load balance against 9 >> > Tomcat instances on 6 separate machines. >> > >> > I have an .htaccess file that blocks based on user agent along with some >> > known ip addresses for the bot. This works correctly for all static >> > content. That is, when I change my browser's user agent to "litefinder", >> > and access the site, I am denied all gif, jpg, css, js, etc files. >> > However, >> > all the dynamic content is passed on to Tomcat without honoring the rules >> > in >> > .htaccess, thus not solving my problem. >> > >> > My question is basically, how do I/can I make Apache enforce my deny rules >> > even for JkMount'ed data? If you need more info, I'm happy to provide. >> > >> > Thanks! >> > Aaron >> > >> > ========================== >> > >> > Here is the .htaccess file in my webroot: >> > >> > #block litefinder malicious crawler >> > SetEnvIfNoCase User-Agent LiteFinder stayout=1 >> > Order Allow,deny >> > Allow from all >> > Deny from env=stayout >> > Deny from 208.101.44.3 >> > Deny from 209.160.65.42 >> > Deny from 209.62.109.178 >> > Deny from 216.40.220.34 >> > Deny from 216.40.222.50 >> > Deny from 216.40.222.66 >> > Deny from 216.40.222.82 >> > Deny from 216.40.222.98 >> > Deny from 67.19.114.226 >> > Deny from 67.19.250.26 >> > Deny from 70.85.113.242 >> > Deny from 74.53.243.226 >> > Deny from 74.53.243.242 >> > Deny from 74.53.244.18 >> > Deny from 74.53.249.34 >> > Deny from 74.86.209.74 >> > Deny from 74.86.249.98 >> > Deny from 75.125.18.178 >> > Deny from 75.125.47.162 >> > Deny from 75.125.52.146 >> > Deny from 84.19.176.208 >> > Deny from 87.118.118.111 >> > Deny from 87.118.98.57 >> > Deny from 87.118.98.62 >> > >> > Here is the relevant section from my httpd.conf >> > >> > <VirtualHost ****:80> >> > DocumentRoot **** >> > ServerName ***** >> > JkMount /jkstatus/* status >> > JkMount /* v3lb >> > JkMount /captcha/Captcha.jpg v3lb >> > JkUnMount /member/bzzmap/*.xml v3lb >> > JkUnMount /member/bzzmap/*.swf v3lb >> > JkUnMount /manager/* v3lb >> > JkUnMount /images/* v3lb >> > JkUnMount /awstats/* v3lb >> > JkUnMount /img/* v3lb >> > JkUnMount /js/* v3lb >> > JkUnMount /*.gif v3lb >> > JkUnMount /*.png v3lb >> > JkUnMount /*.pdf v3lb >> > JkMount /captcha/* v3lb >> > JkUnMount /member/campaigns/*.jpg v3lb >> > JkUnMount /*.css v3lb >> > JkUnMount /*.html v3lb >> > JkUnMount /*.mov v3lb >> > JkUnMount /*.wmv v3lb >> > JkUnMount /*.rm v3lb >> > JkUnMount /*.ram v3lb >> > #JkUnMount /*.swf v3lb >> > JkUnMount /*.mpeg v3lb >> > JkUnMount /*.mpg v3lb >> > JkUnMount /*.mp3 v3lb >> > JkUnMount /*.xml v3lb >> > JkMount /dwr v3lb >> > ErrorLog logs/www.error_log >> > CustomLog logs/www.access_log combined >> > </VirtualHost> >> > >> > >> > --------------------------------------------------------------------- >> > To start a new topic, e-mail: users@tomcat.apache.org >> > To unsubscribe, e-mail: [EMAIL PROTECTED] >> > For additional commands, e-mail: [EMAIL PROTECTED] >> > >> > >> > > > -- > View this message in context: > http://www.nabble.com/Tomcat-and-Apache-Deny-rules-tf4956657.html#a14196976 > Sent from the Tomcat - User mailing list archive at Nabble.com. > > ------------------------------------------------------- Aaron Brown, Systems Engineer BzzAgent, Inc. | www.bzzagent.com [EMAIL PROTECTED] | 617.451.2280 -------------------------------------------------------
