扫一扫加微信

apache、iis屏蔽限制ip访问(适用虚拟主机)

Linux下规则文件.htaccess(手工创建.htaccess文件到站点根目录)

<IfModule mod_rewrite.c>
RewriteEngine On
#Block ip
RewriteCond %{http:X-Forwarded-For} ^(8.8.4.4|8.8.8\.) [OR]
RewriteCond %{REMOTE_ADDR} ^(8.8.4.4|8.8.8\.) [OR]
RewriteCond %{http:X-Real-IP} ^(8.8.4.4|8.8.8\.) [NC]
RewriteRule (.*) - [F]
</IfModule>

Windows2008、2012或更高系统下规则文件web.config (手工创建web.config文件到站点根目录)

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>   
        <rewrite>
            <rules>               
                <rule name="band ip">
                    <match url="(.*)" ignoreCase="false" />
                    <conditions logicalGrouping="MatchAny"> 
                    <add input="{HTTP_X_FORWARDED_FOR}" pattern="^(8.8.4.4|8.8.8\.)" ignoreCase="false" />
                                        <add input="{REMOTE_ADDR}" pattern="^(8.8.4.4|8.8.8\.)" ignoreCase="false" />
                                        <add input="{HTTP_X_REAL_IP}" pattern="^(8.8.4.4|8.8.8\.)" ignoreCase="false" />                      
                    </conditions>
                <action type="AbortRequest" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>  
</configuration>

java主机屏蔽IP或IP段

在tomcat管理–>编辑server.xml 找到 :<Host></Host>在节点中配置,屏蔽后重启tomcat生效,访问提示403

<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="8.8.4.4|8.8.4.*"/>

注:根据需求修改(8.8.4.4|8.8.8\.)ip范围

如果只屏蔽IP 8.8.4.4 则写(8.8.4.4)
如果只屏蔽IP段8.8.8.* 则写(8.8.8\.)
屏蔽多段中间用|隔开,如(8.8.4.4|8.8.8\.)

评论

6+4=