Apache HTTP Server provides multiple methods for IP-based access control, from simple deny rules to dynamic blocklist integration.
Apache Overview
Apache HTTP Server is one of the most popular web servers. It provides robust access control features through modules like mod_authz_core and mod_rewrite.
Integration Methods
- Using mod_authz_core - For simple blocking, use Require not ip directives in your Apache configuration.
- Using mod_rewrite - For dynamic blocking with external files, use RewriteMap with a text file of blocked IPs.
- Automation - Set up a cron job to regularly fetch Fraudcache feeds and reload Apache configuration.
Example .htaccess configuration:
Require all granted
Require not ip 192.168.1.100
Require not ip 10.0.0.0/8
Best Practices
Use HashTables for Large Lists
When blocking thousands of IPs, use RewriteMap with dbm type for better performance.
Log Blocked Requests
Configure custom logging to track blocked IP addresses and identify false positives.
Conclusion
Apache's flexible configuration makes it easy to integrate Fraudcache threat feeds. By blocking malicious IPs at the web server level, you reduce load on your application and protect against common attacks.
Download Apache Blocklists
Get IP feeds formatted for Apache integration.