Home > Guardian Error Handling System > Help > 1018

Using the "blacklist" rule

The "blacklist" rule is used to deny all access from a particular IP address. This rule is typically used in response to hostile probing activity.

The blacklist action will add an entry into the site's .htaccess file like so:

# Added by Guardian 2002-08-08 (url-substring:/secret/)
deny from 10.11.12.13

where "10.11.12.13" is the IP address of a visitor who tried to access the "/secret/" area. After this action has been triggered, all subsequent requests from that IP address will be returned as "403 Forbidden".

You should not allow too many "deny" directives to add up in the .htaccess file. Ideally you would clear out the automated "deny" directives every day or two (leaving permanent deny directives for those IP addresses which cause trouble day after day). If you are not able to periodically clean out your .htaccess file, then you should not use the "blacklist" rule.

Visitors who use a dial-up connection can usually work around the blacklist rule by reconnecting to the Internet. Visitors with a fixed IP address will not be able to access your site until you remove the deny directive for their IP.

For the "blacklist" rule to take effect, all of the following must be true:


    "Using the "blacklist" rule"
    http://www.xav.com/scripts/guardian/help/1018.html