Hi folks,
I am doing testing of a new web site and the server is constantly being accessed by unwanted users looking for vulnerabilities. I have been blocking these on an adhoc basis by denying access using the httpd.conf file. But this is always after the fact.
Is there a service that offers a proactive way of doing this (e.g. a database of IPs that have been identified as abusing access at other sites)?
Thank you for assistance.
Harpist
IP blocking
3 posts
• Page 1 of 1
IP blocking
by Harpist » 19. October 2011 17:15
- Harpist
- Posts: 15
- Joined: 30. June 2011 19:40
- Operating System: WinXP Professional Ver2002 SP3
Re: IP blocking
by Sharley » 19. October 2011 21:27
A search of the internet may reveal a list and then instead of using the httpd.conf file add a .htaccess to the web site root folder, helps keep the httpd.conf file free of clutter.
This is how I do it on many of my hosted web sites that have this same issue and I can assure you there are such lists for you to download or copy and paste.
I usuall block an IP range (CIDR) as again, usually these are from well know and specific country IP blocks which helps keep the .htaccess file to a manageable size.
For example:
You can still add those you find in your log file and if you have a firewall then you could also try adding banned IPs into it's configuration settings, depending if available and how well you know how to configure your firewall.
Good luck,
This is how I do it on many of my hosted web sites that have this same issue and I can assure you there are such lists for you to download or copy and paste.
I usuall block an IP range (CIDR) as again, usually these are from well know and specific country IP blocks which helps keep the .htaccess file to a manageable size.
For example:
- Code: Select all
deny from xxx.xxx.xxx.xxx/24
- Code: Select all
xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx
You can still add those you find in your log file and if you have a firewall then you could also try adding banned IPs into it's configuration settings, depending if available and how well you know how to configure your firewall.
Good luck,
-
Sharley - AF Moderator
- Posts: 3316
- Joined: 03. October 2008 05:10
- Location: Yeppoon, Australia Time Zone: GMT/UTC+10
- Operating System: Win 7 Pro 32bit/XP Pro SP3
Re: IP blocking
by Altrea » 20. October 2011 05:24
Sharley wrote:if you have a firewall then you could also try adding banned IPs into it's configuration settings, depending if available and how well you know how to configure your firewall.
I recommend that too. The Firewall is in most cases the best place to handle unwanted requests. If the requests are reaching your HTTP-Daemon process vulnerabilities of that process can take effect.
The other reason why it is the better place is, that a webserver process can be more easily be affected by DDos attacks than a good and well configurated hardware firewall.
Last i just can hope that you don't use XAMPP for your public accessible website testing.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!
It's like porn for programmers
It's like porn for programmers
-
Altrea - AF Moderator
- Posts: 11935
- Joined: 17. August 2009 13:05
- XAMPP version: several
- Operating System: Windows 11 Pro x64
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 122 guests