LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 06-17-2007, 09:06 PM   #1
andy1974
Member
 
Registered: Jun 2007
Posts: 85

Rep: Reputation: 15
Blocking ips from access


Hello all , i am in need of help....i am needing to block certain ip address from accessing my web server. how do i block the ip ...also i want to blook google bot as well
 
Old 06-18-2007, 02:55 AM   #2
blackhole54
Senior Member
 
Registered: Mar 2006
Posts: 1,896

Rep: Reputation: 61
Blocking IP addresses is easy. You might want to read up (howto, man page etc.) on iptables so you generally understand what is going on, but basically the rules you want to add (one per IP address) would look like one of the following:

Code:
iptables -A INPUT -s <IP address> -j DROP
iptables  -I INPUT <rule number> -s <IP address> -j DROP
They both drop packets coming from <IP address>. The first appends the rule to the end of the INPUT rules, and would be useful if you are using a script to set up your firewall. The second form inserts the rule at <rule number>, and is useful in adding a rule to an already running firewall.

But do read up some first -- it does matter where you put these rules wrt the rest of the firewall rules.

I've never run a web server, but I thought you asked web crawlers such as Google's to stay out with a robots file. Other than that, the only thing I would know to do would be to block the IP addresses at the firewall ... if you can find out the IP addresses.

Last edited by blackhole54; 06-18-2007 at 02:58 AM.
 
Old 06-18-2007, 08:49 AM   #3
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 231Reputation: 231Reputation: 231
Do you have a separate firewall?

Is your web server in a DMZ?

For instance, if I wanted a web server in a DMZ, my SmoothWall Express box could add those blocking rules through its web interface.
 
Old 06-18-2007, 02:41 PM   #4
dkm999
Member
 
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407

Rep: Reputation: 35
To expand on blackhole54's reply, if your web server is on the same machine as your firewall, you should insert the iptables rule in the INPUT chain; if your firewall is on some other machine between the web server and the Internet, insert the blocking rule in the FORWARD chain.

It is also correct to note that all you can do wrt the Google robots is to ask them to leave your server alone. Most web crawlers will do this, but not all. To complicate things considerably, most of the big crawlers operate from many IP addresses, and share info among themselves, so the IP address that looks at the robots.txt file may not be the same one that actually sends a query to your server. More info than you probably want to know can be found at the robots.txt FAQ
 
Old 06-26-2007, 02:14 PM   #5
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 231Reputation: 231Reputation: 231
Well, what did you do, how did it work out?
 
Old 06-27-2007, 07:21 AM   #6
andy1974
Member
 
Registered: Jun 2007
Posts: 85

Original Poster
Rep: Reputation: 15
thanks

well....i learned how to set up the ip filter...also i learned about the google bot and how it works. also learned how to modify and use robots.txt. so all in all i am pretty satisfied i had sevral emails from member from this forum, so i wanted to thank everyone for their help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables help please with blocking range of IPs lleb Linux - Software 7 02-26-2007 11:09 AM
Blocking certain IPs with iptables - what am I doing wrong? thinksincode Linux - Security 2 12-21-2004 11:27 AM
Blocking A Class of Ips w/ Iptables kemplej Linux - Security 4 09-03-2004 12:02 PM
Blocking IPs bluelaguna Linux - Security 2 05-28-2004 03:08 PM
Blocking IPS clanehleader Linux - Security 2 09-01-2003 11:13 PM


All times are GMT -5. The time now is 01:16 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration