Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: blocking multiple hosts at once (hosts from an apache log)

From: Pascal Heraud <pascal.heraud () laroueverte com>
Date: Fri, 11 Dec 2009 09:08:42 +0100
Hello

A tool like fail2ban may help you.
lt will be able to scan apache logs and ban (using iptables) users if
they occur tou much traffic.

Regartds,

Pascal.

Emmanuel Oga wrote:

I have a problem I don't even know how to google for with the proper terms.

I'm using a VPS to host some http pages, my bandwith per month is
fixed at about 2gb total.

I leaved apache running, without anything but the hello world page,
for about 15 days.

When I came back, I learned 1.5GB or so of my bandwith was drained by
requests from a lot of different hosts (most of them from china).

All the bandwith was sucked by serving 404 pages, and this was only
from the apache log, I'm not sure about the connections to other ports

My question is, how can I block these and other potential sources of
"bad traffic" ?  (or even all connections from china) Is there any
tool to automate this? Which firewall should I be using on my server?

Googling around I found these dnsbl black lists, these are supposed to
be for spam filtering, but would it make sense to use them to block
hosts trying to connect to my server?

Thanks

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  



-- 
Pascal HERAUD
09 50 30 24 64
Architecte Logiciel - La Roue Verte 


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: