IP blocking

Problems with the Windows version of XAMPP, questions, comments, and anything related.

IP blocking

Postby Harpist » 19. October 2011 17:15

Hi folks,

I am doing testing of a new web site and the server is constantly being accessed by unwanted users looking for vulnerabilities. I have been blocking these on an adhoc basis by denying access using the httpd.conf file. But this is always after the fact.

Is there a service that offers a proactive way of doing this (e.g. a database of IPs that have been identified as abusing access at other sites)?

Thank you for assistance.

Harpist
Harpist
 
Posts: 15
Joined: 30. June 2011 19:40
Operating System: WinXP Professional Ver2002 SP3

Re: IP blocking

Postby Sharley » 19. October 2011 21:27

A search of the internet may reveal a list and then instead of using the httpd.conf file add a .htaccess to the web site root folder, helps keep the httpd.conf file free of clutter.

This is how I do it on many of my hosted web sites that have this same issue and I can assure you there are such lists for you to download or copy and paste.

I usuall block an IP range (CIDR) as again, usually these are from well know and specific country IP blocks which helps keep the .htaccess file to a manageable size.
For example:
Code: Select all
deny from xxx.xxx.xxx.xxx/24
There are few online CIDR conversion utilities that can convert an IP block range like
Code: Select all
xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx
for you.

You can still add those you find in your log file and if you have a firewall then you could also try adding banned IPs into it's configuration settings, depending if available and how well you know how to configure your firewall.

Good luck, :)
User avatar
Sharley
AF Moderator
 
Posts: 3316
Joined: 03. October 2008 05:10
Location: Yeppoon, Australia Time Zone: GMT/UTC+10
Operating System: Win 7 Pro 32bit/XP Pro SP3

Re: IP blocking

Postby Altrea » 20. October 2011 05:24

Sharley wrote:if you have a firewall then you could also try adding banned IPs into it's configuration settings, depending if available and how well you know how to configure your firewall.


I recommend that too. The Firewall is in most cases the best place to handle unwanted requests. If the requests are reaching your HTTP-Daemon process vulnerabilities of that process can take effect.
The other reason why it is the better place is, that a webserver process can be more easily be affected by DDos attacks than a good and well configurated hardware firewall.

Last i just can hope that you don't use XAMPP for your public accessible website testing.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 47 guests