Re: blocking multiple hosts at once (hosts from an apache log)



Hello

A tool like fail2ban may help you.
lt will be able to scan apache logs and ban (using iptables) users if
they occur tou much traffic.

Regartds,

Pascal.

Emmanuel Oga wrote:
I have a problem I don't even know how to google for with the proper terms.

I'm using a VPS to host some http pages, my bandwith per month is
fixed at about 2gb total.

I leaved apache running, without anything but the hello world page,
for about 15 days.

When I came back, I learned 1.5GB or so of my bandwith was drained by
requests from a lot of different hosts (most of them from china).

All the bandwith was sucked by serving 404 pages, and this was only
from the apache log, I'm not sure about the connections to other ports

My question is, how can I block these and other potential sources of
"bad traffic" ? (or even all connections from china) Is there any
tool to automate this? Which firewall should I be using on my server?

Googling around I found these dnsbl black lists, these are supposed to
be for spam filtering, but would it make sense to use them to block
hosts trying to connect to my server?

Thanks

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------





--
Pascal HERAUD
09 50 30 24 64
Architecte Logiciel - La Roue Verte


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Relevant Pages

  • [RHSA-2002:103-13] Updated Apache packages fix chunked encoding issue
    ... The Apache Web server contains a security vulnerability which can be used ... Versions of the Apache Web server up to and including 1.3.24 contain a bug ... Please note that this update is also available via Red Hat Network. ...
    (Bugtraq)
  • Re: Way to avoid having to type sudo password each time?
    ... need to restart my Apache web server, and hwen I pop open my terminal ... dave to the apachectl command, you would add entries similar to this: ... I'm still being prompted for my password when trying to restart ...
    (comp.sys.mac.system)
  • Re: Way to avoid having to type sudo password each time?
    ... need to restart my Apache web server, and hwen I pop open my terminal ... dave to the apachectl command, you would add entries similar to this: ... I'm still being prompted for my password when trying to restart ...
    (comp.sys.mac.system)
  • Re: HTML editor for Mac?
    ... > But for best results, run a local Apache web server, and browse the ... I run Apache as on my Mac to illustrate to me what my ... > Apache then controls the file types issue, ...
    (alt.html)
  • Re: Way to avoid having to type sudo password each time?
    ... need to restart my Apache web server, and hwen I pop open my terminal ... dave to the apachectl command, you would add entries similar to this: ... I'm still being prompted for my password when trying to restart ...
    (comp.sys.mac.system)