[SOLVED] is there a way to block ips based on apache2 errors?
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
is there a way to block ips based on apache2 errors?
my webserver has been under attack for quite some time now, it is a basic http attack looking for a forums link(which no longer exists) that generates an apache error starting with "GET /forums/showthread.php?" is there a way i can write a shell script to auto add ips that generate this error to iptables as a blocked ip? that way the lag will be greatly reduced.
since it's an attack specifically designed to take up bandwidth and processing power(which i believe letting it get to apache would still use) i would like to add all these ip's to a complete blocklist in the iptables, the problem is, there are about 100 and i want to add them to iptables automatically when they try and access that file.
since it's an attack specifically designed to take up bandwidth and processing power(which i believe letting it get to apache would still use) i would like to add all these ip's to a complete blocklist in the iptables, the problem is, there are about 100 and i want to add them to iptables automatically when they try and access that file.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
is there a way to block ips based on apache2 errors?
