Denying Domains

 
Aprelium Forum Index -> General Questions
mg66
-


Joined: 15 Aug 2004
Posts: 85
Location: USA, Illinois

Posted: Wed Mar 07, 2007 11:32 pm    Post subject: Denying Domains

Is it possible to deny domains as Apache does in the .htaccess file or does Abyss only use IPs?

i.e.

<Files *.gif>
Order Deny,Allow
Deny from .thoseevilpeople.net
</Files>

Thanx in advance.
_________________
mg66

http://sv650.metromain.net
http://photography.metromain.net
http://weather.metromain.net
http://www.metromain.net
http://www.bghi.us


Abyss Web Server X2
pkSML
-


Joined: 29 May 2006
Posts: 955
Location: Michigan, USA

Posted: Fri Mar 09, 2007 1:34 am    Post subject: Re: Denying Domains

mg66 wrote:
<Files *.gif>
Order Deny,Allow
Deny from .thoseevilpeople.net
</Files>


This is a hostname - or reverse DNS address.
You can use PHP in each script you want to have denied by checking the hostname against allowed or denied domains.

Other than with a scripting language, you cannot deny in this fashion with Abyss.

PS Checking a hostname can take place in under a second -- if there IS one. Many IP addresses do not have a reverse DNS, which will halt your server for about 5 seconds just to get a null response or timeout. It would be extremely easy to flood your server with a denial-of-service attack.
_________________
Stephen
Need a LitlURL?


http://CodeBin.yi.org
TRUSTAbyss
-


Joined: 29 Oct 2003
Posts: 3752
Location: USA, GA

Posted: Fri Mar 09, 2007 5:41 am    Post subject:

This feature can easily be added to the "IP Address Control" feature. All Aprelium needs to do is allow Hostnames for the Deny/Allow IP Addresses. Now that you mentioned this, I will post this in the "Suggestions for the future" forum. Hopefully in the next version, Aprelium can add this feature.

As for the PHP script, I have that but it won't really do you any good when dealing with GIF files. If you want it, I will post it.

Edit: Have a look at this.
http://www.aprelium.com/forum/viewtopic.php?t=12122
TRUSTAbyss
-


Joined: 29 Oct 2003
Posts: 3752
Location: USA, GA

Posted: Sat Mar 10, 2007 6:36 am    Post subject:

mg66,

The majority of us don't really need a feature like this. Apache Foundation is stupid for even adding such a feature. A reverse DNS lookup can take a long time for some Hostnames, and if Abyss had to check for every Hostname for every request made, that can slow the server down too much. Let's say you have 5 Hostnames listed in the "IP Address Control" area. Each IP Address on your server needs to be compared to all five of these Hostnames before they receive any data from the web server. Imagine if each Hostname took 5 secs to look up! That would make your website visitors wait 25 secs before they receive any data.

Now you should have a pretty nice idea why this would be a bad thing. The best thing to do is use a tool to find their "IP Address Range" and block them using that instead.

Such a tool can be found here:
http://www.snapfiles.com/reviews/WhoisView/whoisview.html

Sincerely, Josh (TRUSTAbyss)
Moxxnixx
-


Joined: 21 Jun 2003
Posts: 1226
Location: Florida

Posted: Sat Mar 10, 2007 10:33 am    Post subject:

TRUSTAbyss wrote:
Apache Foundation is stupid for even adding such a feature.

Microsoft must be stupid, too. Their IIS server also has this feature.
AbyssUnderground
-


Joined: 31 Dec 2004
Posts: 3855

Posted: Sat Mar 10, 2007 10:34 am    Post subject:

Regarding the lookup, if that server runs its own DNS server, lookups can take milliseconds, so it wouldn't cause much of a problem. If each lookup took 5ms, then you can easily look up 200 a second.
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk
pkSML
-


Joined: 29 May 2006
Posts: 955
Location: Michigan, USA

Posted: Sat Mar 10, 2007 2:46 pm    Post subject:

Just a little more information to add to the bin...

Hostnames are very quick to look up. I have a Perl script that checks about 300 hostnames at a time. They will usually zip right through. The requests go to port 53 of my ISP's DNS server (like any other hostname your browser looks up while you're surfing the web).

Some IP addresses do not have a hostname, and they are the ones that can stall for 5 seconds or so. I used to have one of my sites keep the hostname in a counter log, but those IPs without a hostname would not see the rest of the homepage until the counter did its processing, which seems to take forever without a hostname.

Anyways, to make this a usable feature, there would need to be a timeout value that we could set. I think 500ms is reasonable. It would hardly bog down the server.

But the conclusion is this: why do you want this feature, mg66? I've seen thousands of hostnames. Some are based on ISPs. Some are based on companies to whom IP addresses are leased (like a school or company). There is no set naming scheme for hostnames. I don't think there's a set hostname scheme just for hackers (humor...)
_________________
Stephen
Need a LitlURL?


http://CodeBin.yi.org
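
The hostname check discussed in this thread, with the 500 ms lookup budget suggested in the post above, written as an added example (not code from any poster or from Aprelium). The function names, the cache, the pool size and the fail-open choice are assumptions made for the illustration; the denied domain is the one from the original question.

```python
import socket
from concurrent.futures import ThreadPoolExecutor, TimeoutError as LookupTimeout

DENIED_SUFFIXES = (".thoseevilpeople.net",)  # domain from the thread's example
LOOKUP_TIMEOUT = 0.5   # seconds; the 500 ms budget proposed in the thread
CACHE_MAX = 10000      # assumed cap so the cache itself cannot grow unbounded

pool = ThreadPoolExecutor(max_workers=8)  # lookups run off the request thread
cache = {}  # ip -> PTR name, or None for "no name" (negative results cached)


def system_ptr(ip):
    """Reverse (PTR) lookup through the operating system's resolver."""
    return socket.gethostbyaddr(ip)[0]


def reverse_name(ip, resolver=system_ptr, timeout=LOOKUP_TIMEOUT):
    """Return the lower-cased PTR name of ip, or None on error or timeout."""
    if ip in cache:
        return cache[ip]
    future = pool.submit(resolver, ip)
    try:
        name = future.result(timeout=timeout).rstrip(".").lower()
    except (LookupTimeout, OSError):
        future.cancel()  # drops the lookup if it was still queued
        name = None      # no PTR record, resolver failure, or budget exceeded
    if len(cache) >= CACHE_MAX:
        cache.clear()
    cache[ip] = name
    return name


def is_denied(ip, suffixes=DENIED_SUFFIXES, **lookup_args):
    """True if ip's reverse DNS name is a denied domain or a host under it."""
    name = reverse_name(ip, **lookup_args)
    if name is None:
        return False  # fail open: an address with no name matches no domain
    for suffix in suffixes:
        domain = suffix.lstrip(".").lower()
        # Compare on a label boundary so "notthoseevilpeople.net" is not caught.
        if name == domain or name.endswith("." + domain):
            return True
    return False
```

Each request waits at most the timeout, and because the "no name" result is cached, a repeat visitor without reverse DNS costs one stalled lookup rather than one per request.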
loloyd
-


Joined: 03 Mar 2006
Posts: 435
Location: Philippines

Posted: Sun Mar 11, 2007 6:51 pm    Post subject:

mg66, would you share with us a sample of those domains that you don't want to have access to your GIFs? Or maybe you're just looking for the anti-leeching feature?
_________________

http://home.loloyd.com/ is online if the logo graphic at left is showing.
All times are GMT + 1 Hour