On 6/16/2021 9:05 PM, Will Fatherley wrote:
Hi All,I have been using A2 for a few years now, but I've not really needed to implement any deny/black-listing because I simply have no meaningful security/traffic constraints. In moving forward with development on top of A2 which does have security implications, I'm hoping it might be possible that folks might be willing to share how they store blocked remote addresses. For instance, are relational datastores and other such objects typically required at the enterprise level to store blocked addresses? Or is a plaintext file suitable from an efficiency standpoint?Best, Will F
I find it easiest to implement blocks at the border firewall especially if I'm implementing a stored list of known attack IP addresses. At the border firewall I can easily block a set of IP addresses from the WAN to all my resources... httpd and others.
Within Apache there are a variety of examples of what you can do at: https://httpd.apache.org/docs/2.4/howto/access.html I'm sure others can add to this advice from their own experiences. Jim --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|