Ah but !!!....
You can configure mod_security so that it will not respond at all - i.e. -
it will just leave the client hanging waiting for a response (which it
will never get). Much like a 'silent' firewall.
As I said, not ideal (the connection is still live), but at least you
can suppress any outgoing data.
Note:
If you are using apache 2 then you can use mod_security to scan both
incoming and outgoing data. The outgoing scan is really useful because
you can stop information leaks in the event that someone DOES manage to
get to something they shouldn't.
If you are using apache 1.3, the output scanning is not available (it's
a limitation of the way 1.3 works). However, you can still block the
client on the incoming stream so that the request never reaches apache
proper, and you can effectively ignore the request.
Rich.
dtufs wrote:
Once you know this, you can configure it to
prevent further communication with the client
(not actually killing the connection, but the
effect will be the same - the client will give up).
Unfortunately, the "client" will not give up. The
result will be that our (very expensive) bandwidth
will be wasted on sending 403 responses (that's about
300 bytes per request).
Imagine a bot requesting a page twice per second. And
then imagine thousands of such bots, which ignore your
403 responses, using different IP addresses. Worms,
DDoS bots, etc. Something must be done.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.