Block URL request in server
Our server has been getting probed for security holes. We want to block some URL requests to help prevent the probes. We have things like
404 Not Found
/awstats/awstats.pl?configdir=|echo;echo%2 ... cho%20YYY;echo|: 1 Time(s)
/blog/xmlrpc.php: 1 Time(s)
/blog/xmlsrv/xmlrpc.php: 1 Time(s)
/blogs/xmlsrv/xmlrpc.php: 1 Time(s)
in our logwatch file. In /etc/httpd/conf/httpd.conf, at the bottom, there are some blocks already in place of a different type:
RewriteCond %{HTTP_USER_AGENT} SurveyBot [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} tele(port|soft) [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} TurnitinBot [OR] # Turnitin spybot
How can I do the same kind of thing, but for URLs?
|