How to block IP in .htaccess on Apache 2.4
I've upgraded Apache 2.4 and would like to block an Ip this could be done by using the following in the .htaccess on Apache 2.2
Order Deny,Allow
Deny from 50.62.136.183
However how can I achieve the same in the .htaccess on Apache 2.4
This is another acceptable syntax for .htaccess file:
<RequireAll>
Require all granted
Require not ip 50.62.136.183
</RequireAll>
This syntax is recommended for 2.4 because the order-deny syntax will not always work, as can be seen here http://httpd.apache.org/docs/2.4/upgrading.html
Apache 2.4 makes some big changes in the way it authorizing users.
Authorization components in Apache 2.4 can now use the Require syntax that was previously only available for authentication. This change simplifies the way to define authorization order. The rule sets previous to 2.4 rather could geth pretty complex. The rules in 2.4 are a more logical, specifying a default and then exceptions.
You are asking as a default for accepting traffic, but wish to block a specific IP, the rule would look something like this:
Require all granted
Require not ip 50.62.136.183
This rule will set a default policy of accepting all IP's except any request coming from the 111.111.111.111 IP address.
Examples of before and after Apache 2.4
Apache 2.2
<files somefile.php>
order allow,deny
deny from 50.62.136.183
</files>
Apache 2.4
<Files somefile.php>
Require all granted
Require not ip 50.62.136.183
</Files>
Don't forget to block access to your .htaccess file or a quick google search my render your site vulnerable. I have included the pre 2.4 and post 2.4 configuration.
Apache 2.2
# Prevent .htaccess files from being spidered or viewed via a web browser.
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
satisfy all
</FilesMatch>
Apache 2.4
# Prevent .htaccess files from being spidered or viewed via a web browser.
<Files ".ht*">
Require all denied
</Files>