Not signed in (Sign In)

Ruby + Rails: Blocking an IP Address with Passenger

Bottom of Page

1 to 5 of 5

  1.  
  1.  permalink
    I want to block an IP and I'm using Apache and Passenger for my Rails app. The usual Apache approach doesn't seem to work:

    Order allow,deny
    Allow from all
    Deny from 1.2.3.4

    I'm assuming that Apache has already handed over to mod_rails at this point. I can block static files (CSS, etc) but Rails is still called.

    Someone is doing repeated searches, several times a second from the same IP. I'd like to stop them doing that :)

    Thanks for your help.
    • CommentAuthordiazona
    • CommentTimeAug 10th 2009 edited
     permalink
    Are the Order/Allow/Deny lines in a <Location /> block? If not, I'd put them in one and see if it makes a difference.

    :) David
  3.  permalink
    Hi David,

    Sorry, I should have given more context. I've put them in a <Directory /> block


     <VirtualHost 4.5.6.7:80>
        ServerName www.example.com
        ServerAlias example.com
        DocumentRoot /home/myapp/rails/current/public
        CustomLog /var/log/apache2/myapp.log combined
        RailsEnv production
        <Directory /home/myapp/rails/current/public>
          Options FollowSymLinks
          Order allow,deny
          Allow from all
          Deny from 1.2.3.4
        </Directory>
        RewriteEngine On
        RewriteCond %{HTTP_HOST} ^example.com
        RewriteRule (.*) http://www.example.com$1 [R=301,L]
     </VirtualHost>


    Let me see if it works inside a <Location /> block. I'll respond shortly.

    -
    Bill
  4.  permalink
    Hi again,

    Yes, that worked :) I now realise the difference between <Directory> and <Location> and took the trouble to read the doc (http://httpd.apache.org/docs/2.2/sections.html).

    UPDATE:

    To start with, I didn't think it worked - but then I realised I wasn't paying attention to the status code that Apache was serving. Blush. Just to be sure, I switched back to just using <Directory> and discovered that it was working there too (serving up 403 codes). For the record, I guess that "/" works with <Directory> or <Location>.

    Thanks for your help and sorry again for not paying attention in the first place.

    -
    Bill
    • CommentAuthordiazona
    • CommentTimeAug 11th 2009
     permalink
    Oh, no problem, you're not the only one who's missed the status codes ;-) For what it's worth, <Location /> is the preferred way to apply a particular directive to everything on the website. (I'm not entirely sure why, but maybe there's a possibility that some URL could be considered not to be in any directory...)

    :) David
    Thankful People: billhorsman

1 to 5 of 5

  1.