 ******************************************************************

 Documentation for the htcountryblock package consisting of
 countryhtsetup.php, countryhtaccess.php, countrycheck.php,
 iptocountry.php, and a couple of other files.

 ******************************************************************

 Copyright (C) 2006 Click Here Software Co.
 Written by: Maurice Randall
 Distributed by: FixingTheWeb.com
 Email: support@fixingtheweb.com
 Version 1.0 : December 16, 2006

 ******************************************************************

 This product can use either one of the following two country
 database files:

 The IP-to-Country Database
 provided by WebHosting.Info (http://www.webhosting.info),
 available from http://ip-to-country.webhosting.info

 or:

 The GeoIP Database
 provided by MaxMind.com (http://www.maxmind.com),
 available from http://www.maxmind.com

 ******************************************************************

 This program is free software; you can redistribute it and/or
 modify it under the terms of the GNU General Public License
 as published by the Free Software Foundation; either version 2
 of the License, or (at your option) any later version.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the
 Free Software Foundation, Inc.
 51 Franklin Street, Fifth Floor
 Boston, MA  02110-1301, USA.

 ******************************************************************

=== Introduction ========

The purpose of this package of programs is to assist the webmaster
in blocking out entire countries from having access to his/her
web site.

This package is intended for web sites running on "shared" servers.
It can also be used with web sites running on dedicated servers or
virtual private servers (VPS), but for those types of servers, you
might want to look at the ipcountryblock package instead as that
one is capable of blocking countries from the entire server so that
they have no access whatsoever. That package makes use of the Linux
kernel's iptables to perform the blocking.

Web sites running on shared servers can use this package. But keep
in mind, this only protects your web site. It doesn't protect ftp
access, email access, or various other services. However, protecting
your web site is the first step in blocking out the idiots in this
world. Once you've blocked them from your web site, they will have
less of a chance of learning how to access anything else on the
system your web site is running on. For instance, if they can't find
email addresses listed on your web site, they will have less of a
chance at spamming you.

Installing this package is very easy, and once installed, it works
very efficiently at blocking as many countries as you would like to.
Once you are up and running, the work of blocking countries is
handled by a program called "countrycheck.php". It is called from
your .htaccess file by using some rewriting rules.

This package also includes a handy utility called iptocountry.php
that lets you look up an IP address and identify the country it
belongs to as well as the entire range of addresses it falls within.
If you look through your log files and find some IP addresses that
are causing you problems, you can look them up with iptocountry.php
to find out the country they are coming from. You can then add that
country to the list of countries to block, if desired.

=== Requirements ========

Your web site must be running on the Apache web server. You must also
have PHP4 or PHP5 running on the server. Preferably, your web site
should be running on a server that is using Linux as the operating system.

NOTE: This package will probably work OK on a Windows Server, however,
as of the date of this writing, it has not been tested other than with
several Linux Servers.

=== File requirements ========

If you've downloaded the complete countryhtblock.tar.gz package or
countryhtblock.zip package, then you have almost everything you need.
You will also need one more file which contains all of the country and
ip address info.

You have your choice of two different databases.

One can be downloaded from http://ip-to-country.webhosting.info.
This file is called ip-to-country.csv and can be found in the downloads
section of their website. On the website, the downloadable file
is called ip-to-country.csv.zip.

The other one can be found at http://www.maxmind.com. This file is
called GeoIPCountryWhois.csv once it is unzipped. In it's zipped format
when you download it, it is called GeoIPCountryCSV.zip. It's also
found as GeoIP-lite on the site. This is the free download. You can
also use their more accurate GeoIP file from their paid service.
Be sure to get the .csv version and not the binary version.

Whichever file you choose, be sure to unzip it and copy it to the
directory you will be using for this package.

The file you download from one of these two souces is used just one
time during the initial setup. The information database is built from
the file and is used for the operation of the programs in this package.

However, once you begin using this package, you will want to check
periodically for new updates to the database file that you choose to use.
Both database files are updated approximately every month or so.

NOTE: For the rest of this documentation, the country database file
you have chosen to use will be referred as the ".csv database file".

=== Summary of setup ========

Here's a brief summary of what you need to do to get this entire
package running:

1. Download and unpack or unzip this package.
2. Download either the IP-TO-COUNTRY or the MaxMind database file and
   unpack it.
3. Create two new directories with "hard to guess" names on your website.
4. Upload all the files to the two new directories.
5. Run the countryhtsetup.php program from this package to set up all
   the database files that are used by countryhtaccess.php and
   iptocountry.php
6. Run countryhtaccess.php to select the countries you wish to block.
7. Create one or more .htaccess files or modify your existing ones.

Optionally (or instead): Run iptocountry.php to look up countries according
to their IP address.

For a much more detailed installation description, keep reading...

=== Setting up ========

Now that you have all the php files and the .csv database file,
it's time to do the setup.

You need to create two new directories on your web site. The directories
must be accessible to your web server just like any other file that
is used on your website. Use whatever method you normally use when creating
a new directory, also commonly known as a folder. In this documentation, I
will refer to them as directories and subdirectories.

Give each directory a name that is very hard to guess. Something like
"htcountryck1" and "htcountryck2" is good, but don't use those because they
are mentioned in this documentation! Use a name that only you will know.
Nobody from the rest of the world should have access to these directories or
the files within them.

Whatever suits you is fine, the programs themselves don't care where the
directories are or what you name them.

For the rest of this documentation, we will refer to the name of the two new
directories as "country1" and "country2". The real names on your web site
will be something different.

=== Check permissions ========

Make the "country2" directory so that the apache webserver can write to it.
Use whatever method works for you. If you have shell access, you can
do the following:

chmod 777 country2

It's quite safe to use 777 since you are the only one who knows the
name of the directory.

On some systems, 755 might work and some might be OK with 744. But 777
will always work. 755 might work if the "owner" and/or "group" of the
directory is the apache server. On a Debian Linux system, the owner
is usually listed as "www-data". On other systems, it might be "apache".
Use whatever method works so that the Apache web server can write in
this directory. If you have shell access, the following command works:

chown www-data.www-data country2

Now, the web server has full read and write access to the 'country2'
directory. If your web server uses a different name than 'www-data',
just change the above command accordingly. This is not necessary if
you set the permissions on the directory to 777.

Maybe on your system, your own username will work. You'll find out later
when it comes time to create some files.

=== Copy the files ========

Next, use whatever method you normally use for copying (or uploading) files.

1. Upload the following files to the "country1" directory:

index.html
countrycheck.php
notfound.php
badcountry.php

2. Upload the following files to the "country2" directory:

index.html (same file copied to both directories)
menu.php
countryhtsetup.php
countryhtaccess.php
iptocountry.php
htblock00.html - htblock14.html (all the html doc files)
and the .csv database file

For the rest of the setup, you may continue reading this documentation in text
format, or you can read the html version directly from your website. Go to the
following URL:

http://yourwebsite.com/country2/htblock00.html

Just substitute your actual web site name in place of "yourwebsite.com".
Throughout the rest of this documentation, your web site will be referred
to as "yourwebsite.com".

=== Initial testing ========

Using your web browser go to:

http://yourwebsite.com/country2/menu.php

If everything is working OK so far, you should have a screen display
with four things you can click on, "Database Setup", "Country Selections",
"IP to Country", and "Documentation".

The very first time you run this, you can only do two things, view the
documentation or run the database setup utility. So, if you're ready to begin,
click on "Database Setup". Don't click on "Country Selections" or "IP to
Country" until after the database setup has been completed.

NOTE: This does not require a database like mySQL or Postgre. The database
is fully contained within 256 new files that will be created in your "country2"
directory.

Once you click on "Database Setup", a new page will display in your browser
that says at the top:

"Generate Database Files for countryhtblock package"

If the page appears with no error messages, then your combination of web
server and php functionality is working at this point. You should see a web
page with some text and a single button that can be clicked on. If any
error messages were displayed from either your browser, your web server,
or php building a page with error messages, then something is wrong and
needs to be fixed.

The most likely problem at this point is php isn't working for you.
However, if you've downloaded this package with the intentions of using
it, I have to assume you already have a functional php system running. If
not, check the internet for help on getting it working for you. Getting
php working is not the subject of this documentation.

If you received no apparent errors, move on...

=== Build the database ========

The work of creating the database files is all handled by the
countryhtsetup.php program. It will do all the work for you while you
sit back and wait for it to finish.

If you think you're ready, go ahead and click on "Generate Database".

Go to the refrigerator and get a Coke or something. Don't be alarmed,
on a slow server, this can take several minutes. It might appear as
though your web browser is stalling, but it's just waiting for the page
to come back after all the new files are created. Be patient.

There are 256 files being created, all beginning with a number from 0 to
255 and ending with .php. Also, one additional file called countries.php
will be created at the end. These are all being created in your "country2"
directory.

Don't interrupt the process - don't hit the stop button in your browser.
Give it time to complete the task of building the files.

A modern-day fast server will probably get the job done quite rapidly,
but some of us are still using some older equipment.

NOTE: If something goes wrong or the process gets interrupted, don't
panic. Just do it again. Any existing files that were created will be
deleted and replaced by new ones. This would be no different than the
actual process of updating each month when an updated .csv database file
is installed.

When your browser comes back to life, the setup job should be all finished.
However, if something went wrong, you'll likely see an error message of
some sort, most likely from php complaining that it can't create the
files. Check the permissions applied to the directory you are using.
That should be the only problem you are likely to encounter.

I doubt the problem would be a lack of disk space. Most users nowadays
have gigs and gigs of storage space. In any case, the php files take
up very little space, the .csv file eats up about 3MB-6MB and
the newly created database files use about another 3MB-5MB. Plus later on,
after selecting the countries you wish to block, a little more disk space
will be used, but it's very minimal. So, less than 7MB-12MB of free space
will do the job. If you don't have that much available, I'd be looking for
another host to run your web site on.

=== Updating the database ========

Now that the database files are built, we are all done with both the
.csv database file and the countryhtsetup.php file. However, the
.csv database file gets updated periodically, maybe every couple of
months or so. Whenever that happens, just go download a new version of it,
copy it in place of the existing .csv database file and then rerun
the countryhtsetup.php program either by loading it directly into your
browser or by accessing it from the menu.php file in your country2 directory
and clicking on "Database Setup". It will upgrade all the existing database
files for you. It's as simple as clicking on "Generate Database".

NOTE: You will also want to rerun countryhtaccess.php which is described
later on.

Whenever you recreate new updated database files, the countries.php file
is also recreated. This file stores the list countries that you wish
to block. Your existing settings will be preserved and restored when the
new countries.php file is created.

NOTE: If you decide to switch from one database to the other (IP-to-Country
vs. MaxMind), be sure to either delete the countries.php file or rename it
to something else if you'd like to preserve it. The reason for this is due
to the slightly different names each database gives to some of the
countries. When you switch, your default settings are not preserved. This
need not be done if you stick with the same database provider.

=== Using the software ========

We now have two more php programs that can be used, one is countryhtaccess.php
and the other is iptocountry.php. Let's check out iptocountry.php first
and get familiar with it. This will help to understand what takes place
when we run the countryhtaccess.php program.

Just as with the setup program, point your browser:

http://yourwebsite.com/country2/menu.php

...and then click on "IP to Country".

You'll get a page showing a brief help message along with a text box
and a clickable button. Enter an IP address into the text box and then click
on "Get IP Info".

A page will appear that will display the address you entered along with
a version of the address in a long decimal format. The long decimal format
is basically the four ip address bytes multiplied out to the full 32-bit
number they represent. For most purposes, you can ignore the long decimal
results, but they are included in case you have a need for them. I use them
for manually looking through the database files and comparing ranges of
addresses.

Also displayed is the range of ip addresses that your request matches up
with along with the country that this range belongs to. Then below this
are two columns of info. In the left column are 6 ranges of ip addresses
listed that appear numerically ahead of your request. Likewise, in the
column to the right are 6 ranges of ip addresses listed that appear
numerically after your request. You can use this information when you wish
to find larger blocks of ip addresses than just the one that matches your
request.

When you use this program, you'll notice that sometimes it provides a response
quite rapidly while other times, it seems to take longer. The difference is
due to the ip address you are requesting info on. Some ranges are broken
up real badly with very small chunks distributed here and there. When the
program encounters those ranges, there is a tremendous amount of data to
search through and calculate. But even on a fairly slow server, the wait
isn't bad, it's just that you will notice a difference depending on the
address you enter.

Play with this program and get used to it. You'll find it's very handy
and really helps when you want to find the info you need.

=== Block those countries ========

Now it's time to move on and get your web site setup so it can block the
countries you don't want or don't need. There's nothing personal intended here,
but there comes a time when we just can't take it anymore and must take some
drastic action. It's just too bad that there are some bad people out there
spoiling the internet for everyone else.

Some will say, "a few bad apples spoils it for everyone". Well, it's not
a few bad apples. There are thousands if not millions of bad apples in this
case. What do we do about them? BLOCK 'EM!

=== Pick your countries ========

Now you get to decide who you like and who you don't like. So, from the main
menu at:

http://yourwebsite.com/country2/menu.php

...click on "Country Selections".

You'll get a page displayed showing some buttons and all the available
countries you can pick from. The first time you run this program, none of
the countries will be selected. This means that you are not choosing to
block any country yet.

Go through the list and pick the countries you want to block. There is a
checkbox next to each country name.

You'll notice 4 buttons displayed in a row. Here's the description of each
one:

Clear All - clicking on this button will clear all the country selections.
Use this button to clear all of your existing selections when you want to
pick just one or two countries.

Select All - clicking on this button will select all of the countries.
Use this and then deselect a country or two. You might want to block out
the whole entire world all except for a few select countries.

Save As Defaults - when you are happy with your selections, click on this
button to save your settings. Everytime you load this program, you'll have
the same countries selected for further work.

Load Default Selections - click on this if you change your mind or need
to revert back to your default country selections.

=== Build the 'ht' files ========

Now that you have all of the countries selected that you want to block,
it's time to build the files that are actually used by the countrycheck.php
program. There will be 256 files with names beginning with "ht". They
will be "ht0.php" through "ht255.php".

Click on "Begin" and all of the "htxxx.php" files will be created.

It doesn't take very long to create these files. Your web browser will
wait until the job is finished. Don't hit the stop button, let it do it's
job. On a fast server, it might only take 10 seconds or so. A slow server
might take a couple of minutes. If something goes wrong, it's a simple
matter of clicking on "Begin" to do it all over again. You don't have to
delete any files that were already created, they will get replaced
automatically.

NOTE: Even later on when this package is fully setup and running, you can
add or remove countries without disturbing the functioning of your web site.
You site will continue to run while doing this operation.

Each one of these "htxxx.php" files will contain 0 or more IP address ranges
depending on the countries you have chosen to block. As an example, let's say
you've decided to block all of China. (most people will want to block China!)
The file "ht218.php" will contain some address ranges pertaining to China as
well as possibly some from other countries you may have chosen. If a request
for a file on your web site is made from the IP address 218.0.5.6, the
countrycheck.php program will be used by the apache web server to see if
that address falls within a range of IP addresses listed in this file.
If the address is found, the user will not be able to receive the file that
was requested.

=== Edit the countrycheck.php file ========

This step is very important so that it will work on your web site. You must
edit the countrycheck.php file in a few locations near the start of the
actual code. Load countrycheck.php into a text editor, or if you can edit
through a control panel such as CPanel or VDeck, use that method if you
prefer. Find the following lines:

--------> start of lines to find and edit <------------

// Edit this line to list where you have located this countrycheck.php file
// plus the notfound.php file and the badcountry.php file.
$country1_dir = "/country1/";

// Edit this line to list where you have built the htxxx.php files.
$country2_dir = "/country2/";

// Edit this to be what is most likely to be an index file on your website.
// This is used when a directory is accessed without a trailing slash.
$defindex = "index.html";

--------> end of lines to find and edit <------------

The next thing to edit is the definition for $defindex. What is the most commonly
used index filename on your web site? If it's "index.html", then leave this as
it is. If it's "index.php" or something else, then edit this one.

Once you've finished editing countrycheck.php, upload it to the "country1" directory
on your web site if it's not already there.

If you'd like, you can also edit the two included files, "notfound.php" and
"badcountry.php". 

"notfound.php" is actually a very simple file containing plain html code. This
is sent to the user of a "good" country when countrycheck.php cannot find the
requested file on your web site.

The "badcountry.php" file is very simple. When a blocked country accesses your
website, this is the file that will be sent. It has just one line of php code in
it which is the "sleep()" command. It will pause for ten seconds and then send a
zero byte file. The user will get a big pause and then nothing. Absolutely nothing.
Everytime this user tries to access your website, there will be a ten second pause
followed by a blank screen. Chances are, this person will just go away and bother
someone else.

=== Create or modify your .htaccess file(s) ========

We've got just one more major step to perform, but it's really quite simple.
If you're already familiar with .htaccess files, you will already understand
the principle. If you don't know what an .htaccess file is, that's OK too
because all you have to know is how to cut and paste using a text editor.

If you already have .htaccess files on your web site, download the main one
from your home page where your main index.html or index.php (or whatever the
starting point of your web site is) is located. Load this .htaccess file
into any text editor. If you are currently not using any .htaccess files, then
just use a text editor to create one. You will be cutting and pasting the
following text into this file:

#----------------> start of cut and paste <-------------------

# This first segment is used when the current directory is requested but with
# just a trailing slash and no index.html name included in the URL.

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/country1/countrycheck.php
RewriteRule ^$ /country1/countrycheck.php?cc_indexfile=index.html [L]

# This second segment is used when any subdirectory is requested but with just
# a trailing slash and no index.html name included in the URL.

RewriteCond %{REQUEST_URI} !^/country1/countrycheck.php
RewriteRule ^(.*)/$ /country1/countrycheck.php?cc_indexfile=index.html [L]

# This third segment is used when an actual file is requested with the full
# path to the file included in the URL.

RewriteCond %{REQUEST_URI} ^.*\.htm [OR]
RewriteCond %{REQUEST_URI} ^.*\.html [OR]
RewriteCond %{REQUEST_URI} ^.*\.php
RewriteCond %{REQUEST_URI} !^/country1/countrycheck.php
RewriteRule ^(.+) /country1/countrycheck.php [L]

#----------------> end of cut and paste <-------------------

If you're creating a new .htaccess file, this is all you need. If you're modifying
an existing one, then paste it somewhere either near the start of the file
or near the end of the file, depending on what ever else is in the file. You
might have some other tests being performed that need to run first, or maybe
not. If you're not familiar with what you see in the file, then paste in the above
at the start of the file. If you really know what you are doing, then you will
be able to figure out where to paste it.

Now that we have the above text pasted in, we need to make some minor edits.
You'll notice that "/country1/countrycheck.php" is listed 6 times. Change the
"country1" part to whatever you called the new directory you created. If you created
the new directory inside the main "public_html" (called "httpdocs" on some systems
and maybe something else on other systems) or wherever it is that your web site
is located, then that's all you have to do. If however, you created it one or more
subdirectory levels down, then be sure to adjust it accordingly. For example, if
you created a new "country1" directory in the "newstuff" directory, you will
edit the above lines to look like:

/newstuff/country1/countrycheck.php

Make the changes to all 6 references in your .htaccess file. Now, one more thing
to edit. In your home page, there is a default index file called something like
"index.html" or "index.php" or maybe something else. But whatever it is called,
you need to include this in the .htaccess file. The countrycheck.php program needs
to know what file to send when someone accesses your website like this:

http://yourwebsite.com/

The countrycheck.php program will send the index.html file to the user. If your
default index file is named differently, edit it in the first segment where you see
the following line:

RewriteRule ^$ /country1/countrycheck.php?cc_indexfile=index.html [L]

Where it says "cc_indexfile=index.html", change the "index.html" to whatever your
default index file is named.

The next segment is similar, but this one is used for any subdirectory requests below
the one where this .htaccess file will reside. For instance, when the following request
is received:

http://www.yourwebsite.com/games/morestuff/

There is an index file in that subdirectory as well. Edit the following line that
you pasted in your .htaccess file. This one is in the second segment:

RewriteRule ^(.*)/$ /country1/countrycheck.php?cc_indexfile=index.html [L]

If you use "index.php" as your main index files, change where it says "index.html".
If you use different naming schemes for different subdirectories, you can adjust for
this by placing an .htaccess file in the directory where an uncommon name is used for
the index file. Wherever you place the .htaccess file, that becomes the top level for
that particular .htaccess file. So, now you will edit the first segment for the
directory where .htaccess resides and the second segment for any subdirectory below
that one. For most web sites, having multiple .htaccess files won't be needed especially
if a common naming convention is used for the index files.

The third segment is used when the user actually includes a real filename in the
URL. This segment will work just as it is with no editing needed.

Now, your .htaccess file is finished and ready to upload to your web site. Upload it
to your main directory where your web site's main index file is located. Once you have
done this, you will be blocking the countries you have selected.

=== Test your web site ========

Immediately test your web site to make sure it is working. Load up your web browser
and surf your own site. Click on anything you can and make sure everything is working
just the way you would expect it to work. Are all the pages loading properly? Are
all the images appearing?

NOTE: If too many things fail to work during your initial testing, quickly remove or
comment out the new lines in your .htaccess file and reupload it to your site. This is
how you turn off countrycheck.php. You can safely leave all the files in your "country1"
and "country2" directories while you are figuring out what's wrong. All the control is
done with the .htaccess file. In most cases, you will probably not see anything wrong
if your site is composed of well written code.

Clear your browser's cache so that you aren't being fooled with the browser displaying
previously cached pages and images. Go test your web site again. If you are running
special things like forums and chat rooms or anything else, go and do some stuff there
and make sure it is all working.

=== More stuff for the .htaccess file ========

Personally, I've tested this with the "phpBB2" forum software and found no problems. If
you're running a phpBB2 forum, you can keep all the bad countries out. I've also tested it
with the "x7chat" chat room software. So far, it seems to work fine. However, if you find
something that doesn't work, you can make countrycheck.php ignore that part of your site.
For this example, let's say there is a chat software package that doesn't work quite right
with countrycheck.php. All you have to do is add a line to your .htaccess file. The
following line will cause the directory called "chatroom" and every file and directory
below it to be completely ignored. In the third segment, add the following line:

RewriteCond %{REQUEST_URI} !^/chatroom/

With that line added, the third segment now looks like this:

RewriteCond %{REQUEST_URI} ^.*\.htm [OR]
RewriteCond %{REQUEST_URI} ^.*\.html [OR]
RewriteCond %{REQUEST_URI} ^.*\.php
RewriteCond %{REQUEST_URI} !^/chatroom/
RewriteCond %{REQUEST_URI} !^/country1/countrycheck.php
RewriteRule ^(.+)$ /country1/countrycheck.php  [L]

You can have any directory ignored by countrycheck.php by adding similar lines. You
can add as many of these lines as needed for any part of your web site that doesn't
seem to work quite right.

In the above example, it would also be a good idea to include that line in the
second segment for cases where the URL ends with a trailing slash and no index file
is requested.

So, why do some parts work while other parts do not? The problem is the way this has to
work. The countrycheck.php can only be called through "rewriting" that takes place in
the .htaccess file. The countrycheck.php program is then responsible for fetching the
requested file and sending it to the user. This method works very well for normal html
files. And it works quite well for most normal php files. But due to the way some php
files are coded, this may not work in all cases. It all depends on what the php code is
doing. I think you will find that most everything on most sites should work just fine.
If you find something that doesn't work, add a line to ignore that directory or
individual file. In the example above, an entire directory is being ignored. If you need
to just ignore a file within a directory, something like the following works:

RewriteCond %{REQUEST_URI} !/myoldstuff/16yearsofjunk.php

Instead of having countrycheck.php being called through an .htaccess file and being
responsible for delivering the content, it would have been better to just create a new
apache module and either continue or reject the request. However, this package is aimed
at those running on shared servers and doing something like loading in new apache modules
isn't possible. This is the only method I've found that works for web sites running on
shared servers at this point in time.

=== Even more edits for the .htaccess file ========

Now that you're quite sure everything is working good, you can make a few more minor
changes to the .htaccess files if desired. So far, we have only been protecting the
html, htm, and php files. Any other file requests are sent no matter what the
IP address is. In most cases, this is all you really need to protect. After all, files
such as jpg or gif images won't be requested unless an html or php file is first
requested. But if you want to protect those image files, you can add additional lines
in the third segment in your .htaccess file.

So, let's add IP address checking for our jpg and gif images. Cut and paste the following
two lines at the start of the third segment.

RewriteCond %{REQUEST_URI} ^.*\.gif [OR]
RewriteCond %{REQUEST_URI} ^.*\.jpg [OR]

The third segment should now look like this:

RewriteCond %{REQUEST_URI} ^.*\.gif [OR]
RewriteCond %{REQUEST_URI} ^.*\.jpg [OR]
RewriteCond %{REQUEST_URI} ^.*\.htm [OR]
RewriteCond %{REQUEST_URI} ^.*\.html [OR]
RewriteCond %{REQUEST_URI} ^.*\.php
RewriteCond %{REQUEST_URI} !^/country1/countrycheck.php
RewriteRule ^(.+)$ /country1/countrycheck.php  [L]

IMPORTANT: Notice how each line for the filetypes ends with "[OR]" all except for the php
line? The very last one of these lines must not have [OR] at the end of it. This is
just like saying "Check the IP address if the requested file is a gif or jpg or htm or
html or php".

So, why not just have countrycheck.php be used for every file? Because as described
previously, there are some files it just cannot deliver properly. Some files must be
run completely through the full apache handling. Until a better method comes along,
I think you'll find a great benefit from this package.

Many popular filetypes are supported by countrycheck.php and you can add any or all of
them to your .htaccess file. However, there's no point in adding a filetype if it doesn't
exist on your website. Also, be sure to test your site after adding a new filetype in the
.htaccess file to make sure it can be delivered properly.

Here's all the different filetypes you can add, just cut and paste the ones you wish
to use. They are all listed here in alphabetical order including the ones we have already
mentioned.

RewriteCond %{REQUEST_URI} ^.*\.avi [OR]
RewriteCond %{REQUEST_URI} ^.*\.bin [OR]
RewriteCond %{REQUEST_URI} ^.*\.bmp [OR]
RewriteCond %{REQUEST_URI} ^.*\.cpio [OR]
RewriteCond %{REQUEST_URI} ^.*\.csh [OR]
RewriteCond %{REQUEST_URI} ^.*\.css [OR]
RewriteCond %{REQUEST_URI} ^.*\.dll [OR]
RewriteCond %{REQUEST_URI} ^.*\.doc [OR]
RewriteCond %{REQUEST_URI} ^.*\.dvi [OR]
RewriteCond %{REQUEST_URI} ^.*\.eps [OR]
RewriteCond %{REQUEST_URI} ^.*\.exe [OR]
RewriteCond %{REQUEST_URI} ^.*\.gif [OR]
RewriteCond %{REQUEST_URI} ^.*\.gtar [OR]
RewriteCond %{REQUEST_URI} ^.*\.gz [OR]
RewriteCond %{REQUEST_URI} ^.*\.hdml [OR]
RewriteCond %{REQUEST_URI} ^.*\.htm [OR]
RewriteCond %{REQUEST_URI} ^.*\.html [OR]
RewriteCond %{REQUEST_URI} ^.*\.ico [OR]
RewriteCond %{REQUEST_URI} ^.*\.jpeg [OR]
RewriteCond %{REQUEST_URI} ^.*\.jpg [OR]
RewriteCond %{REQUEST_URI} ^.*\.lha [OR]
RewriteCond %{REQUEST_URI} ^.*\.lzh [OR]
RewriteCond %{REQUEST_URI} ^.*\.mid [OR]
RewriteCond %{REQUEST_URI} ^.*\.mov [OR]
RewriteCond %{REQUEST_URI} ^.*\.mp3 [OR]
RewriteCond %{REQUEST_URI} ^.*\.mpeg [OR]
RewriteCond %{REQUEST_URI} ^.*\.mpg [OR]
RewriteCond %{REQUEST_URI} ^.*\.pdf [OR]
RewriteCond %{REQUEST_URI} ^.*\.php [OR]
RewriteCond %{REQUEST_URI} ^.*\.php3 [OR]
RewriteCond %{REQUEST_URI} ^.*\.php4 [OR]
RewriteCond %{REQUEST_URI} ^.*\.png [OR]
RewriteCond %{REQUEST_URI} ^.*\.pot [OR]
RewriteCond %{REQUEST_URI} ^.*\.pps [OR]
RewriteCond %{REQUEST_URI} ^.*\.ppt [OR]
RewriteCond %{REQUEST_URI} ^.*\.ps [OR]
RewriteCond %{REQUEST_URI} ^.*\.qt [OR]
RewriteCond %{REQUEST_URI} ^.*\.rtf [OR]
RewriteCond %{REQUEST_URI} ^.*\.shtml [OR]
RewriteCond %{REQUEST_URI} ^.*\.snd [OR]
RewriteCond %{REQUEST_URI} ^.*\.tar [OR]
RewriteCond %{REQUEST_URI} ^.*\.tif [OR]
RewriteCond %{REQUEST_URI} ^.*\.tiff [OR]
RewriteCond %{REQUEST_URI} ^.*\.tgz [OR]
RewriteCond %{REQUEST_URI} ^.*\.txt [OR]
RewriteCond %{REQUEST_URI} ^.*\.wav [OR]
RewriteCond %{REQUEST_URI} ^.*\.wcm [OR]
RewriteCond %{REQUEST_URI} ^.*\.wdb [OR]
RewriteCond %{REQUEST_URI} ^.*\.wks [OR]
RewriteCond %{REQUEST_URI} ^.*\.wps [OR]
RewriteCond %{REQUEST_URI} ^.*\.wri [OR]
RewriteCond %{REQUEST_URI} ^.*\.xla [OR]
RewriteCond %{REQUEST_URI} ^.*\.xlc [OR]
RewriteCond %{REQUEST_URI} ^.*\.xlm [OR]
RewriteCond %{REQUEST_URI} ^.*\.xls [OR]
RewriteCond %{REQUEST_URI} ^.*\.xlt [OR]
RewriteCond %{REQUEST_URI} ^.*\.xlw [OR]
RewriteCond %{REQUEST_URI} ^.*\.zip [OR]


=== Using password protection ========

Even though you have chosen a hard to guess name for your two new directories,
you might want to consider password protecting the one that contains all your
htxxx.php files. Since that directory also contains countryhtsetup.php and
countryhtaccess.php, if someone ever discovers the name of the directory, they
could have the ability to load either one of these two programs in their own
browser and change your settings.

On the other hand, you do not want to password protect the directory that holds
countrycheck.php. Because if you do, then anytime a file is requested that gets
checked by countrycheck.php, a password will be required. This is probably not what
you want to happen. This is why only countrycheck.php, notfound.php, and badcountry.php
are located in that directory. Since there is a separate .htaccess file in that
directory to protect countrycheck.php, nobody will ever be able to get the file.

Describing how to password protect a directory is not the subject of this document.
If you are not already familiar with how password protection works on your web site,
most hosting control panels can perform the operation for you.

=== Protecting the countrycheck.php file ========

Ok, you've given the "country1" directory a name that is hard to guess, but
mistakes can be made and when that happens, somebody might find this directory and
try to grab your countrycheck.php file.

Well, don't worry about it. Nobody can actually download the file due to the way
the apache server deals with .php files. Apache won't send the file as-is, it will
first process the file as a php program. The countrycheck.php program doesn't output
anything that would reveal where your country2 directory is located or how to access
any of the programs in it. And besides, if someone tries to load the countrycheck.php
file directly through a browser, the program is designed to treat the request just as if
it were coming from a blocked country and the user will just get a blank page.

You would think that you could place an .htaccess file with a rewrite rule in your
country1 directory to redirect any attempt to access countrycheck.php, but due to
the way Apache handles file requests and .htaccess files, this isn't possible because
you would be doing a rewrite on every file access since other files are already
rewritten to access the countrycheck.php file.

So, simply put, don't worry about protecting countrycheck.php, it's protected
automatically.

=== Web site performance ========

I did most of the testing of this package with a web site running on a server that
runs at 266mhz. Today, that is considered slow, but the machine is only running
two moderately busy web sites. So, it's a good way to test because the performance
is probably similar if not somewhat better than a new high-speed server running 300
web sites. That's generally the case with web sites running on shared servers.

Needless to say, I am quite impressed with how well this runs. My own "seat of
the pants" feel noticed no performance problems. I even tested it on pages that
had to load numerous images and noticed nothing out of the ordinary. If I didn't
know that countrycheck.php was intervening on every file request, I would not even
know that something was different. Therefore, I did not feel it was necessary to
perform any actual time comparisons. It works good, that's all there is to it.

On the other hand, this particular server already has my other blocking method
that uses the kernel iptables to do the blocking. So, it's not being hounded
by a hundred hackers and spammers all at the same time. Because of that reason,
once you install this package, you might actually get a performance "increase"
due to all the bandwidth savings and lack of the server being bogged down by all
the idiots trying to scan your whole website for email addresses or vulnerabilities.
Although, you'll also want to get the other 299 web sites running on the same
shared server using this package. Then you will all really feel the difference.

No matter what, your web site will definitely be somewhat safer and more protected
by keeping out all the problem countries. They want your stuff, don't give it to
them!

=== The end, and thanks for using this ========

I think that's about it for getting everything going. I probably wrote a lot
more stuff here than I needed to, but it never hurts to have clear instructions,
and with examples!

Have fun and be safe...

Oh, one last thing... donations are welcome! Any small amount will encourage me
to continue developments such as this. Even a simple "thank you" email will do.
I just like knowing that I'm helping the better people of this world. Thanks...

-Maurice

http://fixingtheweb.com
http://cmdrkey.com
http://cbmfiles.com
http://wellscargosales.com

email: maurice@fixingtheweb.com
email: support@fixingtheweb.com

Maurice Randall
% Click Here Software
P.O. Box 606
Charlotte MI 48813

PH: (517) 543-5202



