How to block some key words in my url for apache config?

Login or Register to Reply

 
Thread Tools Search this Thread
# 1  
Lightbulb How to block some key words in my url for apache config?

Hi Folks,

I am running a website and that needs to be tightened with security in terms of hacking... Whereas, In my URL, when i click on certain links the entire link as contains some words like below:
Code:
/control_panel
/controlpanel
/admin
/cms

Whereas, i need to block those words in apache config file, which can only be access internally. Let me know how to achieve this ..

-Siva

Last edited by rbatte1; 03-29-2018 at 06:27 AM..
# 2  
In general doing this manually would be folly but I know at least that there are efforts at blocking all "bad" bots (bots with recognisable user agents)

One example is: Apache Ultimate Bad Bot Blocker (find on github).

It uses BrowserMatchNoCase or similar to match user agents and put them in a list (set an environment variable for it) which then, as a whole, is denied.

There's little point in blocking known URLs your server doesn't have, as opposed to the bots that try to access the ones you *do* have.

So blocking the URLs is pointless (ineffective if you don't have them, and disruptive if you do have them), you will have to block the activity itself.

Many bots (most bots) do not actually identify as a common user agent, even the hacker-type bots will just use something recognisable.

Alternatively, when a known URL gets hit that requires password authentication fail2ban is often employed to block individual IPs.

Last edited by dryden; 04-22-2018 at 08:38 AM.. Reason: Automatic merging not acceptable
Login or Register to Reply

|
Thread Tools Search this Thread
Search this Thread:
Advanced Search

More UNIX and Linux Forum Topics You Might Find Helpful
Apache virtual host config vs global config problem
freebird8z
Hi folks, I am trying to configure Apache webserver and also a virtual host inside this webserver. For Global server config: /var/www/html/index.html For virtual host config: /var/www/virtual/index.html Both client10 & www10 are pointing to 192.168.122.10 IP address. BUT, MY...... Red Hat
1
Red Hat
Apache vhosts config RewriteCond to ignore part of URL
crmpicco
I am attempting to control redirections on my site using the Apache vhosts config. I have two-letter regions setup, such as /fr, /de, /es, which I am currently ignoring as you will see from my vhosts file below. However I also have a 301 permanent redirect setup to redirect /cm (and /fr/cm,...... Web Development
3
Web Development
apache url redirection
raghur77
I need help in apache url redirection: I have added the below command in httpd.conf and it is working fine. Redirect http://xyz.com/site/homehttp://abc.com/site/home Can we set a rule such that http://xyz.com/site/* -> http://abc.com/site/* is applied For...... Web Development
0
Web Development
Apache Virtual URL
wuschelz
Hi All, i'am facing a problem with urls that don't have a filestructure under DocumentRoot. A URL like http://mydomain.com/applicationrew/Structure1/Structure2/some?parameter=key&parameter1=key1 Should be rewritet to something else. Now i defined a Location like <Location ~...... Web Development
3
Web Development
Apache, hiding the url
blesets
Hello, how to hide the full addres url, in apache web server. eg, www.example.org/www/pub/index.html, the address in browser only www.example.org . Thank You.... UNIX for Dummies Questions & Answers
2
UNIX for Dummies Questions & Answers

Featured Tech Videos