Results 1 to 4 of 4
  1. #1
    Join Date
    Apr 2004
    Location
    Atlanta, GA
    Posts
    541

    php, writing to .htaccess ?

    hi can someone assist me with help on how to write to a .htaccess file and insert a deny IP. what i'll need to do is insert above </Limit> and /n for new line

    PHP Code:
    <Limit GET POST>
    order deny,allow
    allow from all
    deny from 127.0.0.1
    </Limit

  2. #2
    Join Date
    Apr 2007
    Location
    Calgary, Canada
    Posts
    200
    Interesting problem. If you want to go all crazy with fseek, here is my solution:

    PHP Code:
    $fp fopen('htaccess.txt''r+');
    fseek($fp0SEEK_END); // Go to the end of the file
    fseek($fpftell($fp) - 9); // Go to the position where </Limit> is.
                                // 9 because there is 9 characters in '</Limit>\n'
    fwrite($fp"deny from 123.123.123.123\n");
    fwrite($fp"</Limit>\n");
    fclose($fp); 
    Just make sure that your .htaccess has a new line after </Limit> for it to work properly.

    Otherwise, I'd use file and put it before the last line, but you're opening the file twice and rewriting the entire file with this approach:

    PHP Code:
    $htaccess file('htaccess.txt');
    $lines count($htaccess);

    $fp fopen('htaccess.txt''w');

    for (
    $i 0$i $lines$i++) {
       if (
    $i == $lines 1)  // Edit: If you have more lines after </Limit> you have to change the number here.
          
    fwrite($fp"deny from 123.123.123.123\n");
       
    fwrite($fp$htaccess[$i]);
    }
    fclose($fp); 
    I think the second one may be a little bit more robust, but they both should work.
    Last edited by Kohrar; 06-14-2009 at 06:46 AM.

  3. #3
    Join Date
    Apr 2007
    Location
    Calgary, Canada
    Posts
    200
    Sorry about double posting, but I thought of another solution based on the second one when I went to bed which will be less problematic than the two I gave above:


    PHP Code:
    $target 'htaccess.txt';
    $htaccess file($target);
    $lines count($htaccess);

    $fp fopen($target'w');
    for (
    $i 0$i $lines$i++) {
       
    $currentLine trim($htaccess[$i]);
       if (
    $currentLine == '</Limit>'
          
    fwrite($fp"deny from 123.123.123.123\n");
       
    fwrite($fp$currentLine "\n");
    }
    fclose($fp); 
    This will be a bit ineffecient, but since it is a .htaccess file, effeciency doesn't really matter too much. This will write your 'deny from x.x.x.x' right before the </limit> line. So there are no magic numbers to deal with unlike the implementation I gave in the previous post.

  4. #4
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,842
    I'd suggest a different method altogether. Instead of editing .htaccess every time, have your PHP script create a file named after each IP address you want to ban, then use mod_rewrite in .htaccess to detect the file and deny access.
    Code:
    Errordocument 403 403.html
    # defined 403 document allows banned users to see "Access denied" page
    
    RewriteEngine On
    
    RewriteCond %{REQUEST_URI} !403.html
    # always allow access to the 403 page
    
    RewriteCond /path/to/access_dir/%{REMOTE_ADDR} -f
    # limit rule to IPs recorded as filenames in access_dir directory
    
    RewriteRule .* - [F,L]
    # F = fail, ie. deny access with a 403 error
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •