-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/22/08 01:09, Thierry Chatelet wrote: > On Tuesday 22 April 2008 07:27:39 Lee Glidewell wrote: >> On Monday 21 April 2008 10:08:22 pm Thierry Chatelet wrote: >>> Hello >>> I know it's not really debian related, but: >>> A site call ripe.net is trying all sorts of addresses to go inside my >>> sites, like mysite.com/var/www/documents and so on. About a month ago, I >>> email to the owner of the site, and it stopped, until this WE. So, I >>> would like to ban him (they have about 10 different IP addresses hosted >>> on servers from Netherland to Asia) to log into my server. I known, I can >>> do it using deny from + IP in each virtual host. What I would prefer to >>> do is deny those IP's from the server, not from each host.My server is >>> running etch -> >>> apache2.2.3-4. How can I do that? >>> Thierry >> Thierry, >> You could block the IP address (/range) in iptables, I suppose. That's >> normally pretty extraneous as a security measure (that's not going to stop >> anyone who's targeting you), but if there's a bot on that server that's >> constantly bugging you, that should be a quick way of making it stop >> filling up your access logs. > > Thanks for the answer. Did not think about iptables!! Could be a way of > dealing with the problem. > They are not really filling up my access.log but my error.log for sure. Since
There's a package in the repository that well scan your Apache logs and generate appropriate IPtables rules. Sadly, I don't remember the name. - -- Ron Johnson, Jr. Jefferson LA USA We want... a Shrubbery!! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIDaZES9HxQb37XmcRAl9jAJ9lYpmDNPGWiwXrnLPuDckZEscvWwCghk0Z 5H6zaNQbS1fUmaHzLGPBW7o= =oStg -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
