
Recursively adding an IP to block to multiple .htaccess files

Task. On the web server, the home folder ~/public_html contains, as usual, the directories of various sites. Also as usual, each site directory has its own .htaccess file. Among other things, this file is used to restrict access by IP. In my case, the file looks like this:

 Order Allow,Deny
 Allow from all
 Deny from 194.87.147.196

This record (block) occurs exactly once in the .htaccess file of each site in the public_html folder. To block access to all sites for an IP, for example 194.165.16.76, a new line is added to each file after the line “Allow from all”:

 Deny from 194.165.16.76 

Question: what do you do when the server hosts not two or three sites, but many more?
Here is how I tried to solve this problem.

The find command


The find command finds all .htaccess files recursively, starting from the specified folder. Run the following from any location:
 find ~/public_html -type f -name .htaccess 

The -exec parameter


Next, we need to modify each file, namely:

  1. Find the line "Allow from all"
  2. Insert after it the line "Deny from 194.165.16.76"

The -exec parameter of the find command will help us with this. Specifically, I used the sed stream editor. For a single .htaccess file, this command does the job:

 sed -i "/Allow from all/a Deny from 194.165.16.76" .htaccess 

Now combine find and sed:

 find ~/public_html -type f -name .htaccess -exec sed -i "/Allow from all/a Deny from 194.165.16.76" {} \;

Executing this command finds all .htaccess files and inserts Deny from 194.165.16.76 into them immediately after Allow from all.

Bash script


That removes one part of the routine. Let's go further, so that we do not have to type the same long commands each time. Create the file ~/addblacklistip in the home folder with the following contents:

 #!/bin/bash
 # Add "Deny from <IP_address>" after "Allow from all" in every .htaccess under <start_path>
 me=$(basename "$0")
 if [[ $# -lt 2 ]]; then
     echo "Usage $me <start_path> <IP_address>"
     exit 1
 fi
 find "$1" -type f -name .htaccess -exec sed -i "/Allow from all/a Deny from $2" {} \;

Next, make the script executable:

 chmod +x ~/addblacklistip 

Our script is ready to use. For example, to add blocking by IP 7.7.7.7 to all .htaccess files, simply execute the command:

 ~/addblacklistip ~/public_html 7.7.7.7 
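
A more defensive variant of the same idea, added here as an example and not part of the original article: it validates the address before it reaches sed, skips files that already contain the entry or lack the "Allow from all" line, and keeps a .bak copy of each file it changes. The function names valid_ipv4 and add_deny_ip are invented for this example; GNU sed is assumed, as in the article's own commands.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are hypothetical.

# Accept only a dotted-quad IPv4 address, so nothing else is interpolated into sed.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac        # digits and dots only (no newlines)
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs      # split into octets
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# add_deny_ip <start_path> <IP_address>
add_deny_ip() {
    root=$1 ip=$2
    valid_ipv4 "$ip" || { echo "refusing: '$ip' is not an IPv4 address" >&2; return 2; }
    find "$root" -type f -name .htaccess -exec sh -c '
        ip=$1; shift
        for f do
            # Already blocked in this file: do nothing, so reruns are harmless.
            grep -qxF "Deny from $ip" "$f" && continue
            # No anchor line: report it instead of silently skipping the site.
            grep -qx "Allow from all" "$f" ||
                { echo "skipped (no anchor line): $f" >&2; continue; }
            # Keep the previous version next to the file, then insert the entry.
            cp -p "$f" "$f.bak" &&
                sed -i "/^Allow from all\$/a Deny from $ip" "$f"
        done' sh "$ip" {} +
}

# Run only when called with arguments, e.g.: ./addblacklistip ~/public_html 7.7.7.7
if [ "$#" -ge 2 ]; then
    add_deny_ip "$1" "$2"
fi
```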

Notes and Additions


WHAT YOU DO - YOU DO AT YOUR OWN RISK!


First, check every command and script you run, many times over, especially when it touches .htaccess files. Secondly, do not be too lazy to create a test folder with subfolders and .htaccess files to check everything.

If your blocking section looks different ...


Add a keyword, for example #Add next IP here, at the place where you would like new blocking entries to go. It might look like this:

 Order Allow,Deny
 Allow from all
 Deny from 194.87.147.196
 #Add next IP here
 Deny from 194.87.147.196

Then, in the script, replace the line:

 find "$1" -type f -name .htaccess -exec sed -i "/Allow from all/a Deny from $2" {} \;

with the line:

 find "$1" -type f -name .htaccess -exec sed -i "/#Add next IP here/a Deny from $2" {} \;

Now new blocking entries will appear after the key entry #Add next IP here.

What if the sites are not in the ~/public_html folder, but in ~/www?


Just execute the script with the following parameters:

 ~/addblacklistip ~/www 7.7.7.7 

where 7.7.7.7 is the blocked IP.

What if I have a lot of IPs to add?


How many? Analyzing that question and automating it further is a separate topic.

Source: https://habr.com/ru/post/321110/

