PHP无法动态更改Apache的配置,但正如您所说,您可以使用PHP编辑配置或.htaccess文件重新加载配置.但我认为,给Web应用程序在Web服务器上提供更多功能会带来很大的安全风险.
您动态阻止IP的示例可以使用mod_rewrite的RewriteMap指令完成.基本上,您可以为您的网站编写一个mod_rewrite规则,该规则将指示mod_rewrite查找您的PHP脚本可以维护的外部数据源.
mod_rewrite文档有一个例子可以从:拒绝黑名单中的主机
Description:
We wish to maintain a blacklist of hosts, rather like hosts.deny,
and have those hosts blocked from accessing our server.
Solution:
RewriteEngine on
RewriteMap hosts-deny txt:/path/to/hosts.deny
RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND [OR]
RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^ - [F]
##
## hosts.deny
##
## ATTENTION! This is a map, not a list, even when we treat it as such.
## mod_rewrite parses it for key/value pairs, so at least a
## dummy value "-" must be present for each entry.
##
193.102.180.41 -
bsdti1.sdm.de -
192.76.162.40 -
Discussion:
The second RewriteCond assumes that you have HostNameLookups turned on,
so that client IP addresses will be resolved. If that's not the case,
you should drop the second RewriteCond, and drop the [OR] flag from
the first RewriteCond.
您的PHP脚本可以维护这些文本文件(其他数据存储也可用),您可以根据您的特定需求制作任意数量的规则集来动态控制访问.那会有用吗?