Banning IPs from Apache?
Cole Tuininga
colet at code-energy.com
Thu Feb 5 07:13:10 EST 2004
On Thu, 2004-02-05 at 06:46, Duane Morin wrote:
> Recently I'm experiencing nasty load problems on my home web server for
> reasons I have yet to determine. But I do see that my access logs are
> full of the usual worm traffic. Can somebody point me in the right
> direction (or just give me the quick tutorial) on whether I can tell
> Linux or Apache ASAP "here's a bunch of IPs that I dont want you to
> respond to at all?" What's the optimal way of making sure that these
> hits don't kill your server (or even interfere with its usual operation)?
I don't know about apache, but this sounds like it would be pretty easy
to do by chaining/tabling out ranges of ip's.
man iptables
But I believe the command would be something like:
iptables -A INPUT -p tcp --dport 80 -s <offending ip/netmask> -j DROP
--
"... one of the main causes of the fall of the Roman Empire was that,
lacking zero, they had no way to indicate successful termination of
their C programs." -- Robert Firth
Cole Tuininga
Lead Developer
Code Energy, Inc
colet at code-energy.com
PGP Key ID: 0x43E5755D
More information about the Discuss
mailing list