How to block users from accessing your site based on their IP address

How to block users from accessing your site based on their IP address

Blocking users by IP address is pretty simple with .htaccess.
So here it is the example:

Order allow, deny
Deny from 192.168.0.10
Deny from 212.155.
Deny from 1.2.3.4  5.6.7.8 127.0.0.1
Allow from all

Let’s take a look at the code line by line:
The first line “Order allow, deny” tells the web server the “Order” in which the Allow and Deny directive will be evaluated. It simply says: Give access to all hosts that are not present in the Deny from list and are present in the Allow from list. With allow, deny order Allow list is looked up first and then the web server checks the deny from list. So as we have allow from all – all access is allowed. Then the allowed access is filtered based on the Deny lists. With allow,deny access is disabled by default.

If we change the order to “deny, allow” then all access is enabled by default and only users in the deny lists are blocked. However as the deny is being processed first allow directives will override any maching settings set in deny directives.

The default Apache order is deny,allow. So you can skip the first line in your .htaccess file if you do not need to change the order in which the Deny and Allow rules are being evaluated by the web server.

So to keep the .htaccess simple you can just use:

Deny from 192.168.0.10
Deny from 212.155.

Basically you can use such rules in your .htaccess file to block a particular user, or a network from accessing your site.
You can put several IP address in a Deny or Allow rule. For example:

Deny from 1.2.3.4   5.6.7.9

The IP addresses must be separated by a space or tab.

You can put entire networks as

Deny from 212.155.

This will block all users which IP addresses start with 212.155

Or to block all access to your site:

Deny from all

And then add another line to enable access only for yourself:

Allow from 1.2.3.4

Where “1.2.3.4” should be replaced with your computer IP address.

Force SSL/https using .htaccess and mod_rewrite

Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Please, note that the .htaccess should be located in the web site main folder.

In case you wish to force HTTPS for a particular folder you can use:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} somefolder
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]

Zero database size

When we login to any clients cpanel , it is not showing actual database size , instead it is showing zero. With phpmyadmin we can see correct size but as you login to capnel >> click on database >> and see the size , it will show O mb db size.

sol-

Edit line

disk_usage_include_sqldbs=1 ( you need to set it to '1' if '0' )

in /var/cpanel/cpanel.config

OR

If you are using 11.25 stable, check the following option in Tweak Settings:

"When displaying disk usage in cPanel/WHM include Postgresql and MySQL® disk usage. [Requires MySQL® 5+] (SQL disk usage is only updated every four hours)"

The mysql usage will be updated shortly.

then run:

#/scripts/update_db_cache

Virtuozzo administration.

Commands to monitor load and memory for hardware node -virtuozzo

1) vzlist -o laverage,veid

2) vzlist -o ctid,name,laverage,kmemsize -s laverage

This one gives a good overview of the load and memory usage

this comes back to tells you

123 vpsname.com 12.02/7.76/7.07 21272584

3) vcalc -v (vpsid)

4) vmstat vpsid

5) cat /var/log/messages | grep OOM | grep ve=661 | wc -l

here 661 is your vps id.

If there are number of customers complaining for dead services like ftp, http, named and so on

You need to check through this script and ask them to INCREASE the RAM.

server setup + directadmin

1)First install yum

This is for x86_64 Bit centos -5.3.

http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/

rpm --import http://mirror.centos.org/centos-5/5.3/os/x86_64/RPM-GPG-KEY-CentOS-5
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/python-elementtree-1.2.6-5.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/python-sqlite-1.1.7-1.2.1.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/m2crypto-0.16-6.el5.3.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/python-urlgrabber-3.1.0-5.el5.noarch.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/sqlite-3.3.6-2.x86_64.rpm
rpm -ivh http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/rpm-python-4.4.2.3-9.el5.x86_64.rpm
rpm --nodeps -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/yum-fastestmirror-1.1.16-13.el5.centos.noarch.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/libxml2-2.6.26-2.1.2.7.x86_64.rpm

rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/yum-metadata-parser-1.1.2-2.el5.x86_64.rpm
rpm -ihv http://mirror.centos.org/centos-5/5.3/os/x86_64/CentOS/yum-3.2.19-18.el5.centos.noarch.rpm

yum update
-----------------
2) yum install gcc g++ gcc-c++ flex

---------------------
3) wget http://www.directadmin.com/setup.sh
---------
4)chmod 755 setup.sh
-------------

5)[root@server~]# ./setup.sh
*** 64-bit OS ***
*** that being said, this should be a CentOS system. ***
*** We do not support any other OS in 64-bit. ***
*** If this is not CentOS, install a 32-bit OS (i386)***
Please enter your Client ID : xxxxx
Please enter your License ID : yyyyy
Please enter your hostname \(server.domain.com\)
It must be a Fully Qualified Domain Name
Do *not* use a domain you plan on using for the hostname:
eg. don't use domain.com. Use server.domain.com instead.
Do not enter http:// or www

Enter your hostname (FQDN) : host.domain-name
Client ID: xxxxx
License ID: yyyyy
Hostname: host.domain-name
Is this correct? (y,n) : y


Is eth0 your network adaptor with the license IP? (y,n) : n
Enter the name of the ethernet device you wish to use : venet0:0

Is 174.34.162.60 the IP in your license? (y,n) : y
DirectAdmin will now be installed on: Enterprise 5.3
Is this correct? (must match license) (y,n) :y

You now have 2 options for your apache/php setup.

1: customapache: older software. Includes Apache 1.3, php 4 and frontpage.
2: custombuild 1.1: newer software (recommended). Includes any Apache version, php 4, 5, or both in cli and/or suphp. Frontpage not available.
Post any issues with custombuild to the forum: http://www.directadmin.com/forum/forumdisplay.php?f=61

Enter your choice (1 or 2): 2

Would you like the default settings of apache 2.2 and php 5 cli? (y/n): y
-----------------

NOTE: if you are installing directadmin on vps server then

Is eth0 your network adaptor with the license IP? (y,n) : n and put "venet0:0" for name of the ethernet device
other wise enter the opting "yes" for
Is eth0 your network adaptor with the license IP? (y,n) : y
=============================================