FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Home » Search results for "Blocking"

Search For Blocking

« Older Entries
HTTP/1.1 200 OK Date: Sat, 11 Feb 2012 14:10:10 GMT Server: Apache Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8

Dealing with Mobile Visitors using Bad Browsers

Definately worth the read… Read the rest, but it is hard to see any benefit to doing this. Mobile agents are still in their infancy, but within 2 years most mobiles will be as fast as the laptops from a couple years back... I mean my droid is running linux! The world is moving steadily towards a society where mobile devices will

Posted in Htaccess | Published on September 9, 2010 |1 Comment »

Optimizing Servers and Processes for Speed with ionice, nice, ulimit

To prepare for several upcoming articles on AskApache that are focused on optimizing Servers and Sites from a server admin level, here is an article to introduce the main tools that we will be using. These tools are used to optimize CPU time for each process using nice and renice, and other tools like ionice are used to optimize the Disk IO, or Disk speed / Disk traffic for each process. Then you can make sure your mysqld and httpd processes are always fast and prioritized.

Posted in Optimization | Published on October 10, 2009 |4 Comments »

Protecting Files with Advanced Mod_Rewrite Anti-Hotlinking

If you have files on your site that you don't want indexed by malicious search engines, grabbed and leeched by malicious spammers, or stolen and made available elsewhere, you can use mod_rewrite to drastically reduce or totally reduce that activity.

Posted in Htaccess | Published on September 16, 2009 |1 Comment »

THE Ultimate Htaccess

Skip this - still under edit

I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. Shared hosting is the most common and cheapest form of web-hosting where multiple customers are placed on a single machine and "share" the resources (CPU/RAM/SPACE). The machines are configured to basically ONLY do HTTP and FTP. No shells or any interactive logins, no ssh, just FTP access. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. For 99% of the worlds best Apache admins, they don't use .htaccess much, if AT ALL. It's much easier, safer, and faster to configure Apache using the httpd.conf file instead. However, this file is almost never readable on shared-hosts, and I've never seen it writable. So the only avenue left for those on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it's almost as powerful as httpd.conf itself!

Most all .htaccess code works in the httpd.conf file, but not all httpd.conf code works in .htaccess files, around 50%. So all the best Apache admins and programmers never used .htaccess files. There was no incentive for those with access to httpd.conf to use htaccess, and the gap grew. It's common to see "computer gurus" on forums and mailing lists rail against all uses and users of .htaccess files, smugly announcing the well known problems with .htaccess files compared with httpd.conf - I wonder if these "gurus" know the history of the htaccess file, like it's use in the earliest versions of the HTTP Server- NCSA's HTTPd, which BTW, became known as Apache HTTP. So you could easily say that htaccess files predates Apache itself.

Once I discovered what .htaccess files could do towards helping me enumerate and exploit security vulnerabilities even on big shared-hosts I focused all my research into .htaccess files, meaning I was reading the venerable Apache HTTP Source code 24/7! I compiled every released version of the Apache Web Server, ever, even NCSA's, and focused on enumerating the most powerful htaccess directives. Good times! Because my focus was on protocol/file/network vulnerabilites instead of web dev I built up a nice toolbox of htaccess tricks to do unusual things. When I switched over to webdev in 2005 I started using htaccess for websites, not research. I documented most of my favorites and rewrote the htaccess guide for webdevelopers. After some great encouragement on various forums and nets I decided to start a blog to share my work with everyone, AskApache.com was registered, I published my guide, and it was quickly plagiarized and scraped all over the net. Information is freedom, and freedom is information, so this blog has the least restrictive copyright for you. Feel free to modify, copy, republish, sell, or use anything on this site ;)

Posted in Htaccess | Published on January 10, 2009 |87 Comments »

Fsockopen Power Plays

PHP's fsockopen function lets you open an Internet or Unix domain socket connection for connecting to a resource, and is one of the most powerful functions available in the php language.

Posted in PHP | Published on July 2, 2008 |4 Comments »

Blocking Bad Bots and Scrapers with .htaccess

Block Bad RobotWant to block a bad robot or web scraper using .htaccess files? Here are 2 methods that illustrate blocking 436 various user-agents.

Posted in Htaccess | Published on April 8, 2008 |22 Comments »

IP Abuse Detection for DreamHost

Block IP Address .htaccessScan Apache logs for IP address that are probably evil, then generates an .htaccess file to DENY them all.

Posted in Security | Published on March 16, 2008 |5 Comments »

Faster POST and GET Form Submissions… Shazam

Snoopy Fsockopen HTTP Class for PHPJust a very brief look at speeding up form submission by delegating the processing and bandwidth to your server, not your client.

Posted in PHP | Published on February 12, 2008 |1 Comment »

SEO with Robots.txt

Very nice tutorial dealing with the robots.txt file. Shows examples for google and other search engines. Wordpress robots.txt and phpBB robots.txt sample files.

Posted in SEO | Published on October 20, 2007 |22 Comments »

If you can crash your daemon, you likely have a security problem

Tons of awesome tips and tricks using netcat. Port redirector, nessus wrapper, capture exploits being sent by vuln scanners, etc. This is very useful for doing stuff like redirecting traffic through your firewall out to other places like web servers and mail hubs, while posing no risk to the firewall machine itself.

Posted in Security | Published on September 23, 2007 |No Comments »

Wget Trick to Download from Restrictive Sites

Before
wget 403 Forbidden After trick
wget bypassing restrictionsI am often logged in to my servers via SSH, and I need to download a file like a WordPress plugin. I've noticed many sites now employ a means of blocking robots like wget from accessing their files. Most of the time they use .htaccess to do this. So a permanent workaround has wget mimick a normal browser.

Posted in Linux | Published on September 6, 2007 |9 Comments »

WordPress robots.txt SEO

WordPress robots.txt file can make a huge impact on your WordPress blogs traffic and search engine rank. This is an SEO optimized robots.txt file.

Posted in SEO | Published on May 10, 2007 |36 Comments »

Security Enhancing with htaccess

Securing Subdirectories using unique apache htaccess solutions.

Posted in Htaccess | Published on February 7, 2007 |1 Comment »

Running a Reverse Proxy in Apache

In 2003, Nick Kew released a new module that complements Apache's mod_proxy and is essential for reverse-proxying. Since then he gets regular questions and requests for help on proxying with Apache. In this article he attempts to give a comprehensive overview of the proxying and mod_proxy_html

This article was originally published at ApacheWeek in January 2004, and moved to ApacheTutor … Read the rest

Posted in Hosting | Published on January 3, 2007 |12 Comments »

FastCGI on DreamHost

Using FastCGI on DreamHost and .htaccess

Posted in Shell Scripting | Published on November 28, 2006 |No Comments »

« More Entries

  Search Feed
  Comments Feed

Clusty

Ask.com

Yahoo

Windows

My Picks

AskApache Liberty Policy

Live Free or Die
Hacking and Hackers

The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean someone who loves to program, someone who enjoys playful cleverness, or the combination of the two. See my article, On Hacking.
-- Richard M. Stallman

Newest Posts

htaccess Guide

Website Speed Tips Series
  1. Turn On Compression
  2. Add Future Expires Header
  3. Add Cache-Control Headers
  4. Turn Off ETags
  5. Remove Last-Modified Header
  6. Use Multiple SubDomains

The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect. -Tim Berners-Lee

A strong free software movement focused on the principled issues of software freedom and a strong FSF in particular will determine what freedoms the next generation of computer users enjoy. At stake is no less than the next generation's autonomy. -Benjamin Mako Hill


Google +

It's very simple - you read the protocol and write the code. -Bill Joy

HTML | DCMI | GRDDL | OGP | XOXO | XDMP | XFN | DOM | XML | XHTML 1.1 Strict | CSS 2.1 | W3C

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. NCSA HTTPd.
UNIX ® is a registered Trademark of The Open Group. POSIX ® is a registered Trademark of The IEEE.

Site Map | Contact Webmaster | Glossary | License and Disclaimer | Terms of Service |

↑ TOPMain