Does anyone know if there's a fail2ban type equivalent to try and detect and then block ips which are using my apache2 as a proxy?
I would like to have 'proxy' and 'proxy_http' enabled on apache2 for my own use but I see others are then using it as a proxy. At the moment I'm manually entering an iptables DROP command for each IP.
Is there a way to dynamically drop the IP's (but only those which are trying to proxy)?.
Can anyone suggestion anything please?
P.S. This is what I'm seeing my my log files and which I'm assuming means someone is using it as a proxy...
XXX.XXX.XXX.XXX - - [25/Mar/2009:16:04:16 +0100] "GET http://www.somewebsite.com HTTP/1.1" 403 - "http://www.someotherwebsite.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"