LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-23-2011, 05:08 AM   #1
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 598

Rep: Reputation: 30
iptable to block a sub-domain


HI all.,

Is it possible to block a subdomain or a one lower level directory URL access from other hosts or network ? I have a site running on my server and i want to block the particular directory under the domain, with the exception of loopback access? I mean the directory must be accessible from loopback/localhost.
http://mydomain.com/sub on port 10016(expect loopback)
http://mydomain.com/sub/sub1 on port 10016 (expect loopback)
please suggest

Code:
iptables -I INPUT 1 -i lo -p tcp --dport 10016 -m string -algo kmp --string "mydomain/sub" -j ACCEPT
iptables -I INPUT 2 -i lo -p tcp --dport 10016 -m string -algo kmp --string "mydomain/sub/sub1" -j ACCEPT

iptables -I INPUT 3 -i eth0 -p tcp --dport 10016 -m string -algo kmp --string "mydomain/sub" -j DROP 
iptables -I INPUT 4 -i eth0 -p tcp --dport 10016 -m string -algo kmp --string "mydomain/sub/sub1" -j DROP

Last edited by ZAMO; 02-23-2011 at 05:11 AM.
 
Old 02-24-2011, 01:33 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
You can't do this with iptables, it's none if it's business. You should look at mod_authz on apache for this.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
I block myseft using IPTABLE cirano Linux - Server 5 07-01-2009 06:03 AM
IPtables - block subdomains (a.domain.com, b.domain.com, c.domain.com,...) benjalien Linux - Networking 6 06-24-2009 07:03 AM
what is an iptable? & how to seperate the network on the basis of iptable vinod.wagh Linux - Networking 1 09-11-2008 01:28 AM
iptable block not working dryheat Linux - Security 4 06-04-2008 12:06 PM
Iptable-rules block port 80 goldenmag Linux - Security 3 09-05-2003 06:56 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration