Apache block an ip address from accessing the website

Question

someone trying to access pages like

//mysqladmin//scripts/setup.php

Is it some hack attempt or .. ?

If yes then how i can block its ip from accessing mine website ?

Via htaccess or something else ?

Answer 1

To block special IP addresses you can put the following in a .htaccess file located in your directory, you like to restrict:

order allow,deny
deny from 1.2.3.4
allow from all

Where 1.2.3.4 is the IP you like to block.

But note that IP adresses change users and also attackers change IP adresses.

So this will not secure your application and potentially block leagal visitors.

The better solution will be to make sure your script does not accept malicious paths.

1. Append a base path to the path you get from the user
2. Make sure the path you get from the user does not contain '../'