carbonize Posted August 22, 2008 Share Posted August 22, 2008 (edited) For the past month or so I have noticed that my site has been slow for me. Today I was updating my htaccess file and discovered that if I removed all the deny from my site was fast again. Is there an issue with the deny from? I mean I know there shouldn't be. Here is the anti spam bit from my file # Anti Spam Stuff order allow,deny deny from 58.254.112.22 deny from 69.147.242.42 deny from 119.66.186.31 deny from 123.128.145.238 deny from 193.46.236.234 deny from 212.116.219.54 deny from alfa.inptr.biz deny from apex.dedicatedplace.com deny from .internetserviceteam.com deny from .layeredtech.com deny from not-yet-assigned.draculahosting.com allow from all SetEnvIfNoCase User-Agent "^libwww-perl*" spammer=yes SetEnvIfNoCase User-Agent "^Jakarta*" spammer=yes SetEnvIfNoCase User-Agent "^TrackBack*" spammer=yes SetEnvIfNoCase User-Agent "^USERAGENT$" spammer=yes SetEnvIfNoCase Via pinappleproxy spammer=yes SetEnvIfNoCase Referer tdmpost\.t35\.com spammer=yes SetEnvIfNoCase X-AAAAAAAAAAAA 1 spammer=yes Deny from env=spammer # End Anti Spam Stuff it's only the first block that slows me down. Removing it fixes the speed issue. ps. I'm on Matra. Edited August 22, 2008 by carbonize Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted August 22, 2008 Share Posted August 22, 2008 I don't know if it makes a difference but you have your order set to allow, deny yet you list them in deny, allow order. Try changing the order or put the allow from all at the top of the list. Quote Link to comment Share on other sites More sharing options...
carbonize Posted August 22, 2008 Author Share Posted August 22, 2008 (edited) The order I have them in is what most sites say it should be in. I only added that today as before that I just had a list of deny from ###. It's like the code to stop people reading the htaccess file <Files .htaccess> order allow,deny deny from all </Files> BTW thanks for moving this. I wasn't sure where to put it hence it being where it was. Edited August 22, 2008 by carbonize Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted August 22, 2008 Share Posted August 22, 2008 I see what you are saying but I was wondering if the syntax has something to do with it. If you specify allow,deny wouldn't your allowed sites come first and denied sites follow? I don't know that it matters. Quote Link to comment Share on other sites More sharing options...
carbonize Posted August 22, 2008 Author Share Posted August 22, 2008 Just tested and no the syntax does not make a difference. Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted August 25, 2008 Share Posted August 25, 2008 I just noticed this thread, and thought I'd respond. It is slowing things down because of the domain names in the lookup. These force the server to do two DNS lookups. It will do a reverse DNS lookup on the IP address to find the associated hostname, and then do a forward lookup on the hostname to assure that it matches the original IP address. If the forward and reverse DNS are consistent and the hostname matches access will be blocked. If you use an IP address ( or IP range ) rather than the domain name, you should find it much quicker as you are not waiting for the DNS lookups. Quote Link to comment Share on other sites More sharing options...
carbonize Posted August 25, 2008 Author Share Posted August 25, 2008 Shame because LayeredTech owns a damn lot of IP blocks. Would same problem exist if I used SetEnvIf Remote_Host "dedicatedplace.com" getout for the domains? Does that even work same way? Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted August 25, 2008 Share Posted August 25, 2008 Basically it will be the same. It depends what you are wanting to do - the layeredtech IP block is 72.232.0.0 - 72.233.127.255 if you want to block the lot. Quote Link to comment Share on other sites More sharing options...
carbonize Posted August 25, 2008 Author Share Posted August 25, 2008 Yes but in htaccess I would have to do deny from 72.232. deny from 72.233.1. deny from 72.233.2. deny from 72.233.3. and so on. Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted August 25, 2008 Share Posted August 25, 2008 Yes but in htaccess I would have to do deny from 72.232. deny from 72.233.1. deny from 72.233.2. deny from 72.233.3. and so on. These two lines should take care of the whole range. deny from 72.232.0.0/16 deny from 72.233.0.0/17 Quote Link to comment Share on other sites More sharing options...
carbonize Posted August 26, 2008 Author Share Posted August 26, 2008 Ah you live and learn. Can you explain what they do? Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted August 26, 2008 Share Posted August 26, 2008 Do a quick google on CIDR of have a look at http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing ..... Basically if you add /16 on the end of an IP address such as 72.232.0.0/16 it means 72.232.0.0 and the following 256x256 IP's - hence from 72.232.0.0 to 72.232.255.255 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.