[NTLUG:Discuss] allow http request only
Steve
steve at cyberianhamster.com
Fri Nov 16 17:35:50 CST 2001
Maybe you could...
- Not have your hosts.deny file re-written to include that IP address.
You might be much better off denying offending IP addresses at the
firewall level instead. Perhaps a script that adds the IP address in a
DENY for every port but 80.
- Not have Apache go through the access lists? Now you can still deny
access to other services from hosts.deny but allow access to Apache.
Steve
>> On Fri, 16 Nov 2001, m m wrote:
>>
>> > sorry for replying late.
>> >
>> > ok, my first though is I want all http request
>> > can go through port 80 on firewall to the websrever.
>> > of course I have ip masquade doing it. and it works.
>> > I also have portsentry doing scan stuff.
>> > The problem is when the hacker's ip has been blocked, the
>> > ip will be on the list on /etc/hosts.deny, and can never
>> > access to my box (it's good), but I still want allow that
>> > ip can "browse" my website.
More information about the Discuss
mailing list