Re: Attack on my reverse proxy server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12.06.12 00:42, Ruiyuan Jiang wrote:
We see some attack on our apache reverse proxy server.

180.211.101.213 - - [11/Jun/2012:11:30:00 -400] "POST / HTTP/1.0" 301 324
201.243.47.144 - - [11/Jun/2012:11:30:00 -400] "POST / HTTP/1.0" 400 226
113.162.230.163 - - [11/Jun/2012:11:30:00 -400] "POST / HTTP/1.0" 503 323

How can we block those activities on the apache server? Thanks.

if your server is accessible from the internet, such attacks _will_ come.
you should make sure that such attacks won't affect its functionality.

you can watch logs for that kind of activities and e.g. block source IPs in firewall (a.g. using fail2ban).

There apparently are apache modules that can to something similar internally.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
A day without sunshine is like, night.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux