On Tuesday 22 April 2008 07:27:39 Lee Glidewell wrote: > On Monday 21 April 2008 10:08:22 pm Thierry Chatelet wrote: > > Hello > > I know it's not really debian related, but: > > A site call ripe.net is trying all sorts of addresses to go inside my > > sites, like mysite.com/var/www/documents and so on. About a month ago, I > > email to the owner of the site, and it stopped, until this WE. So, I > > would like to ban him (they have about 10 different IP addresses hosted > > on servers from Netherland to Asia) to log into my server. I known, I can > > do it using deny from + IP in each virtual host. What I would prefer to > > do is deny those IP's from the server, not from each host.My server is > > running etch -> > > apache2.2.3-4. How can I do that? > > Thierry > > Thierry, > You could block the IP address (/range) in iptables, I suppose. That's > normally pretty extraneous as a security measure (that's not going to stop > anyone who's targeting you), but if there's a bot on that server that's > constantly bugging you, that should be a quick way of making it stop > filling up your access logs.
Thanks for the answer. Did not think about iptables!! Could be a way of dealing with the problem. They are not really filling up my access.log but my error.log for sure. Since about 3 month ago, when someone (him?) broke into my site and wiped off all the content of my var/www directory, and the log, I am a bit more ... attentive of what's happening. I formated the drive and reinstalled everything just to be sure nothing bad would happend. Now, I have seen a module called authz.host and I think I can use it to allow or deny host to connect. But I must admit that I could not understand the documentation on how to use it. Thierry -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
