Deny visitors by IP address

The visitor blocking facilities offered by the Apache Web Server enable us to deny access to specific visitors, or allow access to specific visitors. This is extremely useful for blocking unwanted visitors, or to only allow the web site owner access to certain sections of the web site, such as an administration area. To set-up visitors restrictions and blocking, create a .htaccess file following the main instructions and guidance which includes the following text:

order allow,deny deny from 255.0.0.0 deny from 123.45.6. allow from all

The above lines tell the Apache Web Server to block visitors from the IP address '255.0.0.0' and '123.45.6.', note the second IP address is missing the fourth set of digits, this means any IP address which matches the firth three set of digits will be blocked, e.g. '123.45.6.10' and '123.45.6.255' would be blocked.

To set-up blocking of all visitors except yourself, create a .htaccess file following the main instructions and guidance which includes the following text:

order allow,deny allow from 255.0.0.0 deny from all

The above lines tell the Apache Web Server to block all visitors except those with the IP address '255.0.0.0', which you should replace with your own IP address.

You may add any number of 'deny from' and 'allow from' records after the 'order allow,deny'. Note the change from 'allow from all' to 'deny from all' on the bottom line, this is important and must be changed depending on your requirements. If you want to allow your visitor access, you would use 'allow from all' and place 'deny from' lines above.

Blocked visitors will be shown a '403 Forbidden' error message. You can customise this error message by following the 'Error Documents' section of this article.

Hot link prevention techniques

Hot link prevention refers to stopping web sites that are not your own from displaying your files or content, e.g. stopping visitors from other web sites. This is most commonly used to prevent other web sites from displaying your images but it can be used to prevent people using your JavaScript or CSS (cascading style sheet) files. The problem with hot linking is it uses your bandwidth, which in turn costs money, hot linking is often referred to as 'bandwidth theft'.Using .htaccess we can prevent other web sites from sourcing your content, and can even display different content in turn. For example, it is common to display what is referred to as an 'angry man' images instead of the desired images.

Note, this functionality requires that 'mod_rewrite' is enabled on your server. Due to the demands that can be placed on system resources, it is unlikely it is enabled so be sure to check with your system administrator or web hosting company.

To set-up hot link prevention for '.gif', '.jpg' and '.css' files, create a .htaccess file following the main instructions and guidance which includes the following text:

RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?yourdomain.com/.*$ [NC] RewriteRule .(gif|jpg|css)$ - [F]

The above lines tell the Apache Web Server to block all links to '.gif', '.jpg' and '.css' files which are not from the domain name 'http://www.yourdomain.com/'. Before uploading your .htaccess file ensure you replace 'yourdomain.com' with the appropriate web site address.

To set-up hot link prevention for '.gif', '.jpg' files which displays alternate content (such as an angry man image), create a .htaccess file following the main instructions and guidance which includes the following text:

RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?yourdomain.com/.*$ [NC] RewriteRule .(gif|jpg)$ http://www.yourdomain.com/hotlink.jpg [R,L]

The above lines tell the Apache Web Server to block all links to '.gif' and '.jpg' files which are not from the domain name 'http://www.yourdomain.com/' and to display the file 'http://www.yourdomain.com/hotlink.jpg' instead. Before uploading your .htaccess file ensure you replace 'yourdomain.com' with the appropriate web site address.

DirectoryIndex uses

The directoryindex command allows you to specify a default page to display when a directory is accessed. For instance, if a visitor requests a directory on your web site, you can specify the file to load when the directory is accessed (if a filename is not specified in the initial request). For example, to display a 'index.html' file rather than showing directory listings or to load a 'index.php' file rather than an 'index.html' file.To set-up a directoryindex, create a .htaccess file following the main instructions and guidance which includes the following text:

DirectoryIndex index.html

The above lines tell the Apache Web Server to display the 'index.html' file, whenever the directory containing this .htaccess file (or any subdirectory) is accessed.

We can setup a directoryindex to call multiple files using the following text:

DirectoryIndex index.html index.cgi index.php

The above lines tell the Apache Web Server to display the 'index.html' file as the directoryindex, if this file is not available then display 'index.cgi', and if this is not available then display 'index.php'.

If not of the specified files are available, the Apache Web Server will revert to it's default settings, either displaying an error message, a directory listings not available message, or displaying the directory listings of files and directories (this can be prevented which we discuss in section 'Prevent viewing of directory listings').

Blocking offline browsers and 'bad bots'

Offline browsers are pieces of software which download your web page, following the links to your other web pages, downloading all the content and images. The purpose of this is innocent, so the visitor can log off the Internet and browse the site without a connection, but the demand on the server and bandwidth usage can be expensive. Bad bots as they are often called refers to programs which visit your web site, either to source content, look for security holes or to scan for email addresses. This is often how your email address ends up on 'Spam' databases, because they have set a 'bot' to scan the Internet and collect email addresses. These programs and 'bots' often ignore the rules set out in 'robot.txt' files.Below is a useful example of how to block some common 'bots' and site rippers. Create a .htaccess file following the main instructions and guidance which includes the following text:

RewriteEngine On RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] RewriteCond %{HTTP_USER_AGENT} ^Bot mailto:craftbot@yahoo.com [OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] RewriteCond %{HTTP_USER_AGENT} ^Download Demon [OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] RewriteCond %{HTTP_USER_AGENT} ^Express WebPictures [OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image Stripper [OR] RewriteCond %{HTTP_USER_AGENT} ^Image Sucker [OR] RewriteCond %{HTTP_USER_AGENT} Indy Library [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] RewriteCond %{HTTP_USER_AGENT} ^Internet Ninja [OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] RewriteCond %{HTTP_USER_AGENT} ^JOC Web Spider [OR] RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Mass Downloader [OR] RewriteCond %{HTTP_USER_AGENT} ^MIDown tool [OR] RewriteCond %{HTTP_USER_AGENT} ^Mister PiX [OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Net Vampire [OR] RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline Explorer [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline Navigator [OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^Papa Foto [OR] RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport Pro [OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] RewriteCond %{HTTP_USER_AGENT} ^Web Image Collector [OR] RewriteCond %{HTTP_USER_AGENT} ^Web Sucker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] RewriteCond %{HTTP_USER_AGENT} ^WebGo IS [OR] RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] RewriteCond %{HTTP_USER_AGENT} ^Website eXtractor [OR] RewriteCond %{HTTP_USER_AGENT} ^Website Quester [OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon WebSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus RewriteRule ^.* - [F,L]

Adding MIME types

MIME types set what a file is, or rather what file extensions refer to what file types. For example, a '.html' file extension refers to a HTML document, a '.zip' file extension refers to a ZIP archive file. The server needs to know this so it knows how to deal with the file. This is often used to create custom file extension for common file types.To setup a MIME type, create a .htaccess file following the main instructions and guidance which includes the following text:

AddType text/html htm0

'AddType' specifies that you are adding a MIME type. The second part is the MIME type, in this case text or HTML, and the final part is the file extension, in this example 'htm0'.

A common issue with MP3 or SWF files not playing can be resolved with the following text:

AddType application/x-shockwave-flash swf

A handy trick, to force a file to be downloaded, via the 'Save As' feature in the web browser, set the MIME type to application/octet-stream and the browser will immediately prompt for download. Note, this does not work consistently in some versions of Microsoft Internet Explorer.

Here is a list of various MIME types and some associations:

AddType text/html .html .htm AddType text/plain .txt AddType text/richtext .rtx AddType text/tab-separated-values .tsv AddType text/x-setext .etx AddType text/x-server-parsed-html .shtml .sht AddType application/macbinhex-40 .hqx AddType application/netalivelink .nel AddType application/netalive .net AddType application/news-message-id AddType application/news-transmission AddType application/octet-stream .bin .exe AddType application/oda .oda AddType application/pdf .pdf AddType application/postscript .ai .eps .ps AddType application/remote-printing AddType application/rtf .rtf AddType application/slate AddType application/zip .zip AddType application/x-mif .mif AddType application/wita AddType application/wordperfect5.1 AddType application/x-csh .csh AddType application/x-dvi .dvi AddType application/x-hdf .hdf AddType application/x-latex .latex AddType application/x-netcdf .nc .cdf AddType application/x-sh .sh AddType application/x-tcl .tcl AddType application/x-tex .tex AddType application/x-texinfo .texinfo .texi AddType application/x-troff .t .tr .roff AddType application/x-troff-man .man AddType application/x-troff-me .me AddType application/x-troff-ms .ms AddType application/x-wais-source .src AddType application/x-bcpio .bcpio AddType application/x-cpio .cpio AddType application/x-gtar .gtar AddType application/x-shar .shar AddType application/x-sv4cpio .sv4cpio AddType application/x-sv4crc .sv4crc AddType application/x-tar .tar AddType application/x-ustar .ustar AddType application/x-director .dcr AddType application/x-director .dir AddType application/x-director .dxr AddType application/x-onlive .sds AddType application/x-httpd-cgi .cgi AddType image/gif .gif .GIF AddType image/ief .ief AddType image/jpeg .jpeg .jpg .jpe .JPG AddType image/tiff .tiff .tif AddType image/x-cmu-raster .ras AddType image/x-portable-anymap .pnm AddType image/x-portable-bitmap .pbm AddType image/x-portable-graymap .pgm AddType image/x-portable-pixmap .ppm AddType image/x-rgb .rgb AddType image/x-xbitmap .xbm AddType image/x-xpixmap .xpm AddType image/x-xwindowdump .xwd AddType audio/basic .au .snd AddType audio/x-aiff .aif .aiff .aifc AddType audio/x-wav .wav AddType audio/x-pn-realaudio .ram AddType audio/x-midi .mid AddType video/mpeg .mpeg .mpg .mpe AddType video/quicktime .qt .mov AddType video/x-msvideo .avi AddType video/x-sgi-movie .movie AddType message/external-body AddType message/news AddType message/partial AddType message/rfc822 AddType multipart/alternative AddType multipart/appledouble AddType multipart/digest AddType multipart/mixed AddType multipart/parallel AddType x-world/x-vrml .wrl

How to install Subversion on a shared Server

Installation Instructions

These instructions assume basic proficiency with the Unix command line. Note that the goal is to install the SVN client, plan on hosting your repositories somewhere else.

Connect to your account with ssh and create a working directory, mine’s called _src:

cd
mkdir _src
cd _src

get http://subversion.tigris.org/downloads/subversion-1.4.6.tar.gz
wget http://subversion.tigris.org/downloads/subversion-deps-1.4.6.tar.gz

tar -xzvf subversion-1.4.6.tar.gz
tar -xzvf subversion-deps-1.4.6.tar.gz
cd subversion-1.4.6

One step, maybe (32-bit?)

At this point, depending on your server configuration, you might be able to install with the following two commands:

./configure –prefix=$HOME –without-berkeley-db
–with-ssl –with-editor=/usr/bin/vim
–without-apxs –without-apache
make && make install

HowTo ignore some files/folders from awstats reports

Awstats will consider as a page hit any entry from the log it processes. By default some file extensions (for regular image types and css/js) are excluded from what awstats will consider as a page:
NotPageList="css js class gif jpg jpeg png bmp ico"(this is the default). All other file types will be counted as pages. Now, if we want to completely ignore some files, or even all the content of one folder from the awstats processing we can use the SkipFiles parameter. We might want to do this to ignore some frames, hidden pages, ajax calls, etc.

The SkipFiles parameter is by default empty, and in order to use it we have to add the appropriate config in our awstats.conf file.  For example to ignore a file called somefile.php we will add “/somefile.php“:
SkipFiles="/somefile.php"
while if we want to ignore all the pages in a folder called somefolder we will have to use a regex value like: “REGEX[^/somefolder]“
We can add several rules separated by spaces:
SkipFiles="/somefile.php REGEX[^/somefolder]"

Note: this will be effective only for new updates; meaning existing data will not be affected by this (if really needed you will have to regenerate your stats to get rid of those pages in old stats).

Dev-mysql-maint error occurred during the installation of VHCS Control panel

Error message:

Can’t connect on ‘DBI:mysql:;localhost’ :Access denied for user ‘debian-sys-maint’@'localhost’ (using password: YES)

The issue occurring due to the absence of grant privilege (to the user dev-mysql-maint) on the databases.

You obtain details of "dev-mysql-maint" from /etc/mysql/debian.cnf.

One example is mentioned below:

# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host = localhost
user = debian-sys-maint
password = 0nQp8g7pmupSbcpg
socket = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
user = debian-sys-maint
password = 0nQp8g7pmupSbcpg
socket = /var/run/mysqld/mysqld.sock
basedir = /usr

You need to grant the privileges to dev-mysql-maint, according to the above information.

grant all privileges to *.* on 'dev-mysql-maint'@'localhost' identified by '0nQp8g7pmupSbcpg' with grant option;

Note: Modify the password according to the information in /etc/mysql/debian.cnf.

Cpanel- How can we solve the problem "Unable to login FAQMasterFlex admin area" ?

How can we solve the problem "Unable to login FAQMasterFlex admin area" ?

This might be due to 'register globals =off'. Because of that, the server variables must be expli
citly pulled into the script in order for the authentication to work. Add the following two state
ments to admin_authorize.php, just above the "if" statement that tests their values:
$PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];