11-25-2009
Quote:
If you are like me, you would simply like to block IP addresses of people with nothing better to do than probe your web server
Nice write-up but it's a non-standard and maintenance-prone "solution". Maybe people
not like you (;-p) should choose a combination of iptables rate limiting, webserver "BrowserMatch" and mod_security filtering instead?..
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have installed a linux 9 router/firewall and have issues with outside DNS queries making it in. here are my IPTABLE rules, can anyone make some suggestions?
ETH1 is my outside facing Interface, ETH0 is my inside facing interface.
Accept If input interface is not eth1
Accept If protocol is... (1 Reply)
Discussion started by: frankkahle
1 Replies
2. Linux
I have installed a linux 9 router/firewall and have issues with outside DNS queries making it in. here are my IPTABLE rules, can anyone make some suggestions?
ETH1 is my outside facing Interface, ETH0 is my inside facing interface.
Accept If input interface is not eth1
Accept If protocol... (6 Replies)
Discussion started by: frankkahle
6 Replies
3. UNIX for Dummies Questions & Answers
I'm new to Linux and I made a big mistake at work recently locking myself out of our own server :(.
I did iptables -F first as the tutorial said and then entered the rules. I wanted to start over again so I did iptables -F and it locked us out. We had to get someone to physically restart... (0 Replies)
Discussion started by: nogumo
0 Replies
4. Programming
I am using BSD TCP sockets under Debian Linux 2.6 and no matter what I do, the socket blocks on recv.
I have set O_NONBLOCK and O_NDELAY using fcntl to no effect.
Any ideas ? (3 Replies)
Discussion started by: johnmb
3 Replies
5. Shell Programming and Scripting
Hello,
Would this be an acceptable way of creating a non-blocking pipe.
Basically I want to create kind of a server client arch.
This code would be in the server, and I don't want to have to wait for
clients to read before moving on to the next client. One problem I
can see is if... (4 Replies)
Discussion started by: cdlaforc
4 Replies
6. Debian
we have internal network 192.168.129.x for a system hosted with
pdf.xxx.xyz URL is already public accessible
but when try to connect as site (/ap/p.nt) of the URL pdf.xxx.xyz/ap/p.nt
restriction to be applied publicly except accessing internally
can anyone guide me on this?? (1 Reply)
Discussion started by: shrinuvas
1 Replies
7. UNIX for Advanced & Expert Users
Hi Folks
I have been debugging a script that is called every thirty seconds. Basically it is doing a ps, well two actually, one to file (read by the getline below) and the other into a pipe. The one into the pipe is: -
V_SYSVPS=/usr/sysv/bin/ps
$V_SYSVPS -p$PIDLIST -o$PSARGS... (0 Replies)
Discussion started by: steadyonabix
0 Replies
8. UNIX for Dummies Questions & Answers
Hi!
I have a dedicated hosting working with 2 ips.
Is it possible to block all connections but 1 in all existing ports for only 1 of my ips?
I mean like, I have 2 ips for example: 190.x.x.5 and 190.x.x.6
I want that all the connections going to 190.x.x.6 in all ports get rejected but only 1... (7 Replies)
Discussion started by: Kekox
7 Replies
9. Programming
among the below socket programming api's, please let me know which are blocking and non-blocking.
socket
accept
bind
listen
write
read
close (2 Replies)
Discussion started by: VSSajjan
2 Replies
10. Cybersecurity
Just added these lines to our server firewall:
iptables -A INPUT -p tcp --dport 3306 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j DROP
Even though mysql is configured to correctly only listen on port 127.0.0.1 we still see these mysql log file notes on a daily... (0 Replies)
Discussion started by: Neo
0 Replies
LEARN ABOUT CENTOS
mrtg-webserver
MRTG-WEBSERVER(1) mrtg MRTG-WEBSERVER(1)
NAME
mrtg-webserver - hints for web server configuration
SYNOPSIS
If you want people to actually see the results of your network monitoring efforts you will need a webserver.
This document lists some configuration hints for webservers. Contributions welcome.
APACHE
Configuring mod_expire
A big issue with mrtg monitoring data is the expiry time. All these nice graphs you can create are only valid for a short time. If you do
not take special action some webbrowsers will not notice this and you may end up with people seeing old data because of caching issues.
The apache module mod_expire allows you to setup special expiry properties for individual file.
Here is an example for how this may look for an mrtg web directory. The configuration directives can be stored into a .htaccess file.
############################################################
# Example .htaccess for use with apache-1.2 and mod_expire.
# (mod_expire come with apache-1.2 but you have to explicitly
# activate it when compiling the httpd ...)
#############################################################
#
<Files "*-day.png">
ExpiresActive On # enable expirations
# five minutes
ExpiresDefault M300
</Files>
<Files "*-week.png">
ExpiresActive On
ExpiresDefault M1800
</Files>
<Files "*-month.png">
ExpiresActive On
ExpiresDefault M7200
</Files>
<Files "*-year.png">
ExpiresActive On
ExpiresDefault M86400
</Files>
<Files "*.html">
ExpiresActive On
ExpiresDefault M300
</Files>
# index.html is not automatically generated
<Files "index.html">
ExpiresActive Off
</Files>
AUTHOR
Unknown
2.17.4 2012-01-12 MRTG-WEBSERVER(1)