.htacess Allow From X.x.x.x Problem

[usr8481]

order deny,allow 
deny from all 
allow from x.x.x.x (my ip)

 

 

Why this code in .htacess doesn't work properly?

It supposed to deny access for any ip but allow from specific.

But it deny access for my ip too.

 

I just want use next code

 

<files wp-login.php>
order deny,allow
deny from all
</files>

[Byron]

That should work. Make sure you've spelled .htaccess correctly.

[usr8481]

Make sure you've spelled .htaccess correctly.

With .htaccess everyhing is normal and I tested it on another hosting.

 

# BEGIN W3TC Browser Cache
<IfModule mod_mime.c>
.........................(wordpress cache plugin's settings)
# END W3TC Page Cache core
# BEGIN WordPress
<IfModule mod_rewrite.c>
.........................(wordpress settings)
</IfModule>
# END WordPress
order deny,allow
deny from all
allow from 99.99.99.99 (for e.g. my ip)

 

And of course I typed ip correctly, but I still doesn't have access if I use it

 

order deny,allow
deny from all
allow from 99.99.99.99 (for e.g. my ip)

 

or access to wp-admin (wp-login.php):

 

<Files wp-login.php>
order deny,allow
deny from all
allow from 99.99.99.99
</Files>

[Byron]

Please post the following information:

• Your cPanel username
  
• Your main domain
  
• The server that you are on
  

[Byron]

When I uncomment this part out in your .htaccess file:

 

<Files wp-login.php>
order deny,allow
deny from all
allow from xxxxxxxxx
</Files>

 

And try going to your wp-login.php page, I get a redirect loop. It seems like you might have some errors in your .htaccess file. Try adding just the code above to your .htaccess file and see if it works then.

[Byron]

You could try putting this code at the top of your .htaccess file and maybe it would deliver the page before any errors were caught in the remaining .htaccess:

 

<Files wp-login.php>
order deny,allow
deny from all
allow from xxxxxxxxx
</Files>

[usr8481]

I also use Cloudflare and when it's enabled rules from .htaceess don't work correctly or just don't work

 

for e.g.

I have in my .htaccess code to block specific country:

<Limit GET HEAD POST>
order allow,deny
allow from all
deny from 1.11.0.0/16
deny from 1.16.0.0/14
...
</Limit>

 

it works okay when Clouldflare is paused (I test with proxy for the country I blocked), but it doesn't work when Cloudflare is enabled.

 

But that behaviour is different for other hostings - it works ok with Clouldflare enabled and disabled (paused).

 

Do you have any idea why there are such problems when Cloudlfare is enabled?

 

sorry for my English

[nyten]

When cloudflare is enabled, the visitor connects trough cloudflare to the server and the server doesn't see the visitor's ip. Cloudflare added the headerCF-Connecting-IP including the real ip.

http://www.simplemachines.org/community/index.php?topic=524146.0

Strange that it works with other hosters, maybe they are able to detect when someone connects via Cloudflare and then they select the IP transmitted in CF-Connecting-IP for such proposes....

[usr8481]

I tried this (from http://www.asiteaboutnothing.net/c_block-countries.html) and it works ok

SetEnvIf CF-IPCountry CountryCode BuzzOff=1
Order allow,deny
Allow from all
Deny from env=BuzzOff

 

thanks

 

does it use IPs from cloudflare database?

 

Strange that it works with other hosters

 

first my method (<Limit GET HEAD POST>...) I decided to try because of cloudflare infromation on https://support.cloudflare.com/hc/en-us/articles/200171406-How-do-I-block-connections-based-on-country-or-countries-

 

If you fully want to block visitors from that country, then you would have to put rules on your server to block the country - http://www.ip2location.com/free/visitor-blocker

[nyten]

does it use IPs from cloudflare database?

what exactly?