
Security: Automatically block someone who is snooping around your site


In this article, we will expand on our PHP Ban script and show you how to automatically ban people attempting to snoop around your website.

For this article, you will need the PHP script mentioned in the other article here.

Now, create or edit the .htaccess file located in the public_html folder and add the following to the bottom.

<FilesMatch 403.shtml>
Order Allow,Deny
Allow From All
</FilesMatch>
 
RewriteEngine On
 
## #######################! WARNING !########################## ##
## Make SURE you read the following rewrite rules to make sure  ##
## that none of them affect your actual site and to make sure   ##
## they are not blocking real, needed files or folders.         ##
## ############################################################ ##
 
## Keep the following for added security against snooping ##
RewriteRule ^phpmyadmin /block.php [NC]
RewriteRule ^README /block.php [NC]
 
## Unless you use your cgi-bin, keep the following ##
RewriteRule ^cgi-bin/formemail.cgi /block.php [NC]
RewriteRule ^cgi-bin /block.php [NC]
RewriteRule ^cgi-bin/(.*)$ /block.php [NC]
 
## Remove the following if you ARE using WordPress ##
RewriteRule ^wp-admin /block.php [NC]
RewriteRule ^wp-content /block.php [NC]
RewriteRule ^wp-includes /block.php [NC]
RewriteRule ^wp-config /block.php [NC]
RewriteRule ^wp-cron /block.php [NC]
 
## Remove the following if you ARE using Joomla ##
RewriteRule ^administrator /block.php [NC]
RewriteRule ^components /block.php [NC]
 
## Remove the following if you ARE using phpBB ##
RewriteRule ^adm /block.php [NC]
 
## Remove the following if you ARE using Magento ##
RewriteRule ^var /block.php [NC]
RewriteRule ^app /block.php [NC]
RewriteRule ^downloader /block.php [NC]
RewriteRule ^pkginfo /block.php [NC]
 
## Remove the following if you ARE using Moodle ##
RewriteRule ^auth /block.php [NC]
RewriteRule ^backup /block.php [NC]
RewriteRule ^grade /block.php [NC]
RewriteRule ^iplookup /block.php [NC]
RewriteRule ^message /block.php [NC]
RewriteRule ^mnet /block.php [NC]
RewriteRule ^plagiarism /block.php [NC]
RewriteRule ^webservices /block.php [NC]
 
############### START BANS ###############

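With this change and the PHP script from the other article, you will now be able to automatically ban people snooping around where they shouldn’t be. Review the .htaccess file to make sure that no legitimate files are being blocked: each pattern is anchored only at the start of the path and is case-insensitive ([NC]), so a rule such as ^app also matches any file or folder whose name merely begins with “app”.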
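One way to do that review before deploying, as an added example that is not part of the original article or Site5's script: the Python sketch below parses the ban rules and reports which of your real paths would be rewritten to /block.php. The sample rules are copied from the block above, the site paths are constructed, and it assumes Python's `re` behaves like Apache's PCRE for these simple patterns.

```python
import re

# Constructed sample: a few rules copied from the article's .htaccess block.
SAMPLE_HTACCESS = """\
RewriteEngine On
## Remove the following if you ARE using Magento ##
RewriteRule ^var /block.php [NC]
RewriteRule ^app /block.php [NC]
RewriteRule ^README /block.php [NC]
RewriteRule ^cgi-bin/(.*)$ /block.php [NC]
"""

# Constructed sample: paths a real site might serve, relative to public_html.
SAMPLE_SITE_PATHS = ["index.php", "apple-touch-icon.png", "readme.html",
                     "Various/notes.txt", "css/app.css", "contact.php"]

RULE_RE = re.compile(r"^\s*RewriteRule\s+(\S+)\s+(\S+)(?:\s+\[([^\]]*)\])?")


def parse_ban_rules(htaccess_text, target="/block.php"):
    """Return (pattern_text, compiled_regex) for each rule that rewrites to target."""
    rules = []
    for line in htaccess_text.splitlines():
        m = RULE_RE.match(line)  # comment lines start with '#' and never match
        if not m or m.group(2) != target:
            continue
        flags = {f.strip().upper() for f in (m.group(3) or "").split(",")}
        nocase = bool(flags & {"NC", "NOCASE"})
        rules.append((m.group(1), re.compile(m.group(1), re.I if nocase else 0)))
    return rules


def find_collisions(htaccess_text, site_paths):
    """Map each legitimate path to the first ban rule that would catch it."""
    rules = parse_ban_rules(htaccess_text)
    hits = {}
    for path in site_paths:
        rel = path.lstrip("/")  # per-directory rules see the path without a leading slash
        for text, rx in rules:
            if rx.search(rel):
                hits[path] = text
                break
    return hits


if __name__ == "__main__":
    for path, rule in find_collisions(SAMPLE_HTACCESS, SAMPLE_SITE_PATHS).items():
        print(f"{path!r} would trigger a ban via RewriteRule {rule}")
```

To audit a real site, pass the contents of your own .htaccess and a listing of public_html (for example, built with `os.walk`) in place of the constructed samples.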


8 Comments

  • I used these files on my site and also added my IP address to the whitelist array, but when I get to the administrator page (I use Joomla) it only shows me “Hello user! Because your IP address (xxx.xxx.xxx.xxx) is in our whitelist, you were not banned for attempting to visit this page. End of line.” It should redirect me, shouldn’t it?

    • Hello Lavinia,

      It definitely should be redirecting you, yes. If it is not, you may want to contact our support team about it. They can take a look, and see what is causing the redirect to not work.

      • :-(

        • Hi Bill,

          I’m sorry this has upset you. Can you expand on this? We’d love to help, or to answer any questions you may have about this.

  • It can block and bots;

    • Hi Bill,

      Yes, this can block bots. Any connection that meets the criteria will be blocked.

      • The Wpscan is not detected.

        • Hi Bill,

          I am sorry to hear that. If you’re having trouble with this, have you contacted our support team?
