LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   How do I deny host? (https://www.linuxquestions.org/questions/linux-security-4/how-do-i-deny-host-148967/)

Inexactitude 02-21-2004 09:41 PM
How do I deny host?
 
I want to deny one person from being able to use services one my machine, specifically a web server, based on their ip address. I tried adding them to the hosts.allow file, but that didn't yield any results. Is there any other way I can deny someone from using services on the machine?

Thanks for any help.

Capt_Caveman 02-22-2004 12:36 AM
If you wanted to deny someone, you'd normally use hosts.deny. But not all services use tcpwrappers (hosts allow/deny) and specifically Apache does not. Probably the best way is to just use iptables:

As root do:

iptables -I INPUT -p tcp --dport 80 -s xxx.xxx.xxx.xxx -j DROP

You might have to adjust the destination port (--dport) if you're using a non-standard http port and substitute in the offending IP.

----EDIT---

If you want to keep them from accessing anything at all just do:

iptables -I INPUT -s xxx.xxx.xxx.xxx -j DROP

tigerflag 02-22-2004 11:17 AM
Can't help you, but I love your sig!

Siri Amrit

Inexactitude 02-22-2004 02:00 PM
Thanks for the iptables help. I was able to deny the person by using directory protection of the webserver's document root.


All times are GMT -5. The time now is 06:35 PM.