WebApp Sec mailing list archives
Re: fail2ban
From: Dale Stirling <dale () puredistortion com>
Date: Tue, 26 Oct 2010 18:20:26 +1100
Kai, Here are a few ideas: Apache Allow,Deny something like. Order Deny Allow Deny <the ip making requests> Allow all IP tables: iptables -A INPUT --source <ip making requests> -j REJECT That will block the IP from making any connections to your server. Also fail2ban has several ready made apache rules in it it would not be hard to copy and adapt one of these the pre made rules are in /etc/fail2ban/fal2ban.d and /etc/fail2ban/jail.conf Dale On Fri, Oct 22, 2010 at 2:40 AM, Kai Witzke <security () gaark de> wrote:
Hey everybody! I have some serious problems with flooding attacks to my apache2. No problems with logins oder syn floods, just a huge amount of simple requests to my server from the same ip. Anyone got a nice howto on that or maybe a nice regex prepared for counting such requests and blocking the greedy ones? thanks in advance Kai This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- fail2ban Kai Witzke (Oct 25)
- Re: fail2ban Adrian J Milanoski (Oct 25)
- Re: fail2ban Ryan Dewhurst (Oct 26)
- Re: fail2ban primehaxor (Oct 26)
- Re: fail2ban Ryan Dewhurst (Oct 26)
- Re: fail2ban Jamuse (Oct 26)
- Re: fail2ban Rafel Ivgi (Oct 26)
- Re: fail2ban Dale Stirling (Oct 26)
- RE: fail2ban Perry B. Whelan (Oct 26)
- Re: fail2ban robert (Oct 28)
- Re: fail2ban Adrian J Milanoski (Oct 28)
- <Possible follow-ups>
- Re: fail2ban Alexandro Silva (Oct 31)
- Re: fail2ban Adrian J Milanoski (Oct 25)