Blocking from apache:
<Location />
Order Allow,Deny
Deny from <INSERT IP TO BLOCK HERE>
</Location>
You can block it at the network stack level too, this way apache does
not even see the request, ex on linux using iptables.
bye, Frederik On 09/30/2014 07:16 PM, Hans-Georg Scherneck wrote:
Hi, I'm new to this, and I'm no specialist in Apache, sorry. My site is bombarded by POST requests from a site identifying itself like 123.123.123.123.word.word.word.wordA "deny from" instruction with a string trying to match this in .htaccess does not appear to work (though other abusers with simple IP's I can get barred this way). The leading IP is always a fake, and it is changed every time they POST new crap. A safe criterion must focus on the word-part.Do you have a working string for me? Can you suggest another method?(I have made a change to the mailto.cgi script that sends the crap into /dev/null, exploiting a mistake in the form data that they are sending, but soon they'll find out, and I want to be a step ahead of them).Thanks in advance
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|