Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
12-01-2014, 04:49 PM
|
#1
|
|
LQ Newbie
Registered: Nov 2014
Posts: 6
Rep: 
|
is there a way to block ips based on apache2 errors?
my webserver has been under attack for quite some time now, it is a basic http attack looking for a forums link(which no longer exists) that generates an apache error starting with "GET /forums/showthread.php?" is there a way i can write a shell script to auto add ips that generate this error to iptables as a blocked ip? that way the lag will be greatly reduced.
|
|
|
|
|
12-01-2014, 05:57 PM
|
#2
|
|
LQ Newbie
Registered: Jan 2006
Posts: 3
Rep: 
|
You can use htaccess for this, more info at the Apache web site
Additionally, using iptables you can limit the number of pings per minute, more here.
Also, you can use OSSEC |
|
|
|
|
12-01-2014, 09:41 PM
|
#3
|
|
LQ Newbie
Registered: Nov 2014
Posts: 6
Original Poster
Rep:
|
since it's an attack specifically designed to take up bandwidth and processing power(which i believe letting it get to apache would still use) i would like to add all these ip's to a complete blocklist in the iptables, the problem is, there are about 100 and i want to add them to iptables automatically when they try and access that file.
|
|
|
|
|
12-02-2014, 03:49 AM
|
#4
|
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,221
|
Quote:
Originally Posted by jonjetjon
since it's an attack specifically designed to take up bandwidth and processing power(which i believe letting it get to apache would still use) i would like to add all these ip's to a complete blocklist in the iptables, the problem is, there are about 100 and i want to add them to iptables automatically when they try and access that file.
|
You can use fail2ban for this
Regards |
|
|
|
|
12-02-2014, 04:38 PM
|
#5
|
|
LQ Newbie
Registered: Nov 2014
Posts: 6
Original Poster
Rep:
|
thank you so much! fail2ban is exactly what i was looking for!
|
|
|
|
All times are GMT -5. The time now is 05:08 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
