benoit1980 Posted September 17, 2014 Share Posted September 17, 2014 Hello, I am having a real problem with this and would like to know if someone can give me a feedback. Thank you I am developing a website and would like to only let the access to a few people. I try to lock the website with an "allow" and "disallow" htaccess block but it seems to be slowing down the website a lot. The website at the moment is hard coded with https:// I am wodering if the .htaccess is correct. Sometime the pages load non stop and nothing shows up and sometime the pages are showing up. I remove the htaccess, everything is fine. here is the code: <Limit GET POST> order allow,deny allow from 89.187.79.200 #The next line modified by DenyIP #deny from all </Limit> Options +FollowSymLinks IndexIgnore */* RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /index.php/$1 [L] <Files 403.shtml> order deny,allow deny from all </Files> allow from xxx.xx.xx.xxx ###########FaceBook########### Allow from 31.13.24.0/21 Allow from 31.13.64.0/18 Allow from 66.220.144.0/20 Allow from 69.63.176.0/20 Allow from 69.171.224.0/19 Allow from 74.119.76.0/22 Allow from 103.4.96.0/22 Allow from 173.252.64.0/18 Allow from 204.15.20.0/22 Allow from 2401:db00::/32 Allow from 2620:0:1c00::/40 Allow from 2a03:2880::/32 ##########FaceBook############ Thanks in advance Ben Quote Link to comment Share on other sites More sharing options...
jeffreyappel Posted April 9, 2015 Share Posted April 9, 2015 If everything is fine then what to do next? Quote Link to comment Share on other sites More sharing options...
gizmola Posted April 9, 2015 Share Posted April 9, 2015 Try moving the deny/allow rules from the .htaccess to the vhost config. Due to the way .htaccess rules are handled, there is substantially more overhead involved. You also have alternatives like: Do your allowing using php code. Use iptables instead Use a loadbalancer/proxy like HAProxy that supports ACL Iptables would be much faster, however, it wouldn't be viable without a specific IP or Port attached to your one vhost. I like to throw in consideration of HAProxy, because sometimes a long term plan will require a load balancer, and you're killing 2 birds with one stone. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.