Disable access to compromised website

[euro-space]

Hi,

Please share your methods, what are the best and easiest way to disable world access to the spamming website hosted on a shared server, and allow only certain IP's of the website owner to investigate and fix the issue.

Website is based on Joomla and adding "Require all denied" in .htaccess is not working for some reason, neither appending following:

<Directory "/home2/cpuser/public_html/" >
Require all denied
</Directory>

to the Post VirtualHost Include editor in WHM is working... Running Apache 2.4.

Thank you.

 

[rpvw]

You could try this in the .htaccess file for the directory that you are trying to protect

<RequireAny>
Require ip x.x.x.x y.y.y.y z.z.z.z
</RequireAny>

Add as many IPs separated by a space that you want to allow - the rule has to validate to any one of the IPs to let you in, anything else will be blocked

See mod_authz_core - Apache HTTP Server Version 2.4 for more information

 

[danielpmc]

Hello euro-space,

I am currently using this in my cPanels public_html .htaccess. This blocks all traffic except my IP. I have used this on and off for years as i build or test sites.

Order Deny,Allow
Deny from all
Allow from xxx.xxx.xxx.xxx

Replace xxx.xxx.xxx.xxx with your IP.

(Also if you need to allow others to access you can add as many Allow from xxx.xxx.xxx.xxx as needed.)

Hope this helps you out.

 

[cPanelMichael]

Hello @euro-space,

The previous posts should help.

Let us know if you have any questions.

Thank you.