Dushy Squirt

Member
Mar 7, 2013
13
0
1
cPanel Access Level
Website Owner
Hi,

I have quite a large list of IP ranges that I wish to deny access to a website and have been using the "IP Deny" cPanel utility to block some of these ranges. It would be a lot easier for me if there was an "IP Allow" cPanel utility so that the few IP's that need access get through OK and all other IP's are blocked.

I can implement "IP Deny/Allow" using the htaccess file but I am not sure how secure the htaccess method is and if there is a hack to the htaccess method by modifying the hosts file on a local PC.

Would the creation of an "IP Allow" cPanel utility be within the scope of a cPanel developer?

Thx
 

PenguinInternet

Well-Known Member
PartnerNOC
Jun 20, 2007
190
22
68
Cardiff, UK
cPanel Access Level
DataCenter Provider
Twitter
The .htaccess file is quite secure for this and a 'Deny From All' followed by an 'Allow From' statement with the IP's that you wish to give access to would likely be your easiest method. Altering the hosts file on a local PC will not bypass the .htaccess checks - this only overrides the DNS lookups for your local computer, not the IP checks on the server.
 

Dushy Squirt

Member
Mar 7, 2013
13
0
1
cPanel Access Level
Website Owner
The .htaccess file is quite secure for this and a 'Deny From All' followed by an 'Allow From' statement with the IP's that you wish to give access to would likely be your easiest method. Altering the hosts file on a local PC will not bypass the .htaccess checks - this only overrides the DNS lookups for your local computer, not the IP checks on the server.
That's not strictly true re htaccess. I setup a web page with htaccess IP control and asked a colleague to try to hack into it to see if he could view the page even though his IP was not in the htaccess allow list. He did some jiggery pokery with a keyboard and a server he setup and the next thing was he emailed me a copy of the web page. That htaccess IP control is about a secure as a hookers pipe.

Having said that, the hacker is a seriously clued up geek who farts code, I am not sure what method he used but he definitely got through that htaccess gubbins.

Rgds
 

quietFinn

Well-Known Member
Feb 4, 2006
1,222
87
178
Finland
cPanel Access Level
Root Administrator
What makes you think that some kind of "IP Allow cPanel Utility" would be more secure?
 

Dushy Squirt

Member
Mar 7, 2013
13
0
1
cPanel Access Level
Website Owner
What makes you think that some kind of "IP Allow cPanel Utility" would be more secure?
I dont, I just like the thought of an extra level to bítch up any hackers and make them have to work harder.

Also, it's a real pain having to setup blocks for a load of IP's, it would be a lot quicker if the current "IP Deny" utility in control panel had a "bizzarro" equivalent called "IP Allow" where only the IP's in the list could get through.

I can't be ársed to put a request in the development suggestions forum where it gets reviewed etc and perhaps in 9 months time somone thinks about doing it. If there is a developer who can code this utility for me now and get it to work in my web hosts control panel I will pay them to do it.

Dushy
 

quietFinn

Well-Known Member
Feb 4, 2006
1,222
87
178
Finland
cPanel Access Level
Root Administrator
Also, it's a real pain having to setup blocks for a load of IP's, it would be a lot quicker if the current "IP Deny" utility in control panel had a "bizzarro" equivalent called "IP Allow" where only the IP's in the list could get through.

I can't be ársed to put a request in the development suggestions forum where it gets reviewed etc and perhaps in 9 months time somone thinks about doing it. If there is a developer who can code this utility for me now and get it to work in my web hosts control panel I will pay them to do it.
I guess you don't know how this cPanel "IP Deny Manager" works, do you?

Yes, it creates entries in the .htaccess file.

So if they'd implement an "IP Allow" utility it would work the same way.
 

Dushy Squirt

Member
Mar 7, 2013
13
0
1
cPanel Access Level
Website Owner
I guess you don't know how this cPanel "IP Deny Manager" works, do you?

Yes, it creates entries in the .htaccess file.

So if they'd implement an "IP Allow" utility it would work the same way.
You're right, I did not know that was how it worked, well, that's that idea down the swanee. I just checked the root level htaccess file and it is full of the gubbins that I placed in IP Deny. I may as well edit the htaccess at root level to be an "IP allow" file similar to waht I got in a lower level folder.

I suppose that the cPanel "IP Deny" utility is just an easy way for non geekos types to do the blocking rather than get their mits on the code in htaccess


Dushy