Denying Ips Slows Me Down

[carbonize]

For the past month or so I have noticed that my site has been slow for me. Today I was updating my htaccess file and discovered that if I removed all the deny from my site was fast again. Is there an issue with the deny from? I mean I know there shouldn't be. Here is the anti spam bit from my file

 

# Anti Spam Stuff

 

order allow,deny

deny from 58.254.112.22

deny from 69.147.242.42

deny from 119.66.186.31

deny from 123.128.145.238

deny from 193.46.236.234

deny from 212.116.219.54

deny from alfa.inptr.biz

deny from apex.dedicatedplace.com

deny from .internetserviceteam.com

deny from .layeredtech.com

deny from not-yet-assigned.draculahosting.com

allow from all

 

SetEnvIfNoCase User-Agent "^libwww-perl*" spammer=yes

SetEnvIfNoCase User-Agent "^Jakarta*" spammer=yes

SetEnvIfNoCase User-Agent "^TrackBack*" spammer=yes

SetEnvIfNoCase User-Agent "^USERAGENT$" spammer=yes

SetEnvIfNoCase Via pinappleproxy spammer=yes

SetEnvIfNoCase Referer tdmpost\.t35\.com spammer=yes

SetEnvIfNoCase X-AAAAAAAAAAAA 1 spammer=yes

Deny from env=spammer

 

# End Anti Spam Stuff

 

it's only the first block that slows me down. Removing it fixes the speed issue.

 

ps. I'm on Matra.

Edited August 22, 2008 by carbonize

[TCH-Bruce]

I don't know if it makes a difference but you have your order set to allow, deny yet you list them in deny, allow order. Try changing the order or put the allow from all at the top of the list.

[carbonize]

The order I have them in is what most sites say it should be in. I only added that today as before that I just had a list of deny from ###. It's like the code to stop people reading the htaccess file

 

<Files .htaccess>

order allow,deny

deny from all

</Files>

 

BTW thanks for moving this. I wasn't sure where to put it hence it being where it was.

Edited August 22, 2008 by carbonize

[TCH-Bruce]

I see what you are saying but I was wondering if the syntax has something to do with it.

 

If you specify allow,deny wouldn't your allowed sites come first and denied sites follow? I don't know that it matters.

[carbonize]

Just tested and no the syntax does not make a difference.

[TCH-Andy]

I just noticed this thread, and thought I'd respond.

 

It is slowing things down because of the domain names in the lookup. These force the server to do two DNS lookups. It will do a reverse DNS lookup on the IP address to find the associated hostname, and then do a forward lookup on the hostname to assure that it matches the original IP address. If the forward and reverse DNS are consistent and the hostname matches access will be blocked.

 

If you use an IP address ( or IP range ) rather than the domain name, you should find it much quicker as you are not waiting for the DNS lookups.

[carbonize]

Shame because LayeredTech owns a damn lot of IP blocks.

 

Would same problem exist if I used SetEnvIf Remote_Host "dedicatedplace.com" getout for the domains? Does that even work same way?

[TCH-Andy]

Basically it will be the same. It depends what you are wanting to do - the layeredtech IP block is 72.232.0.0 - 72.233.127.255 if you want to block the lot.

[carbonize]

Yes but in htaccess I would have to do

 

deny from 72.232.

deny from 72.233.1.

deny from 72.233.2.

deny from 72.233.3.

 

and so on.

[TCH-Dick]

Yes but in htaccess I would have to do

 

deny from 72.232.

deny from 72.233.1.

deny from 72.233.2.

deny from 72.233.3.

 

and so on.

 

These two lines should take care of the whole range.

deny from 72.232.0.0/16

deny from 72.233.0.0/17

[carbonize]

Ah you live and learn. Can you explain what they do?

[TCH-Andy]

Do a quick google on CIDR of have a look at http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing .....

 

Basically if you add /16 on the end of an IP address such as 72.232.0.0/16 it means 72.232.0.0 and the following 256x256 IP's - hence from 72.232.0.0 to 72.232.255.255