LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-30-2006, 02:45 PM   #1
ferdinand2
LQ Newbie
 
Registered: Jan 2006
Posts: 7

Rep: Reputation: 0
How to deny requests to server's IP


in httpd.conf
I use <Directory> inside and outside of <VirtualHost>
to deny access to my websites from some IPs however it only
works when site is accessed using url with domain name.
When I go to same webiste using its IP then "deny from" commands
are ignored in <Directory>.

Can I deny access to my IP's similar way I can deny access to domain name? I see this in access_log
208.254.45.254 - - [12/Dec/2006:01:14:25 -0500] "\x80@\x01\x03" 501
so I assume he is doing something bad and using direct requests to IP and I want to block him.

TIA and Happy New Year to All !
 
Old 12-31-2006, 05:18 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by ferdinand2
in httpd.conf
I use <Directory> inside and outside of <VirtualHost>
to deny access to my websites from some IPs however it only
works when site is accessed using url with domain name.
When I go to same webiste using its IP then "deny from" commands
are ignored in <Directory>.

Can I deny access to my IP's similar way I can deny access to domain name? I see this in access_log
208.254.45.254 - - [12/Dec/2006:01:14:25 -0500] "\x80@\x01\x03" 501
so I assume he is doing something bad and using direct requests to IP and I want to block him.

TIA and Happy New Year to All !
a quick way to completely block him would be to issue an iptables command on the server like:
Code:
iptables -I INPUT -s 208.254.45.254 -j DROP
if your server is behind a gnu/linux router, then just run the command on the router - substitute INPUT with FORWARD...

just my ...

Last edited by win32sux; 12-31-2006 at 05:24 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
hiding my server's IP address linuxhippy Slackware 8 07-06-2006 12:46 AM
server's where...... Dark_Sniper* Linux - Hardware 10 06-17-2005 11:07 PM
I think my server's been compromized karlovac Linux - Security 17 04-02-2005 10:18 AM
never_direct deny all vs. always_direct deny all simplyrahul Linux - General 1 02-16-2005 02:42 PM
Learning Server's emailssent Linux - Newbie 2 09-28-2004 12:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:50 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration