stopping specific ip's from accessing apache
Distr-> Fedora C2
Websvr-> Apache 2 I have an IP address that I notice continually trying to gain access to my apache web server, only to get the 404. Is there a way I can block this address from getting to the web server, and filling my access_log with a bunch of crap? Thanks, Jeff |
you can turn that 404 into a 403 (forbidden) by using the follow in your httpd.conf file...:
<directory /some/directory> Order allow,deny Allow from all Deny from <ip-adderss> </directory> but i think a better solution, since you have this known problem from a known source would be to shut the bugger out from your firewall, or script something to strip those entries from your log file before processing/viewing. |
do you know if there is a way to stop a particular ip address from my router?
I have a Linksys wireless-g router (WRT54G) If not, any ideas how to stop an ip address with my fedora firewall? I'm defiantely not the ipchains or iptables expert. Thanks, Jeff |
|
|
If you are in fact running iptables, you could do something like this:
Code:
/sbin/iptables -A INPUT -i eth0 -p tcp -s source.ip.here -j DROP Basic iptables usage isn't as difficult as it looks, and besides - aren't you running linux so you can learn more about it? |
Thanks for the replies:
I've added the following, and yes, I did put the actual IP address in: iptables -A INPUT -i eth0 -p tcp -s <IP address> -j DROP I also added this to rc.local so that it will run when the server is rebooted. The problem is, that I still see the IP address in the logs. Do I need to use it a different way since my router port forwards :80 to this server? Thanks, Jeff |
Just an update...I figured out the problem. I had a chain that was ahead of my manual entry. Once I moved my manual entry above the chain I was golden.
|
All times are GMT -5. The time now is 06:38 PM. |