Ah but !!!.... You can configure mod_security so that it will not respond at all - i.e. - it will just leave the client hanging waiting for a response (which it will never get). Much like a 'silent' firewall.
As I said, not ideal (the connection is still live), but at least you can suppress any outgoing data.
Note: If you are using Apache 2 then you can use mod_security to scan both incoming and outgoing data. The outgoing scan is really useful because you can stop information leaks in the event that someone DOES manage to get to something they shouldn't.
If you are using Apache 1.3, the output scanning is not available (it's a limitation of the way 1.3 works). However, you can still block the client on the incoming stream so that the request never reaches Apache proper, and you can effectively ignore the request.
Rich.

dtufs wrote:

Once you know this, you can configure it to prevent further communication with the client (not actually killing the connection, but the effect will be the same - the client will give up).

Unfortunately, the "client" will not give up. The result will be that our (very expensive) bandwidth will be wasted on sending 403 responses (that's about 300 bytes per request).

Imagine a bot requesting a page twice per second. And then imagine thousands of such bots, which ignore your 403 responses, using different IP addresses. Worms, DDoS bots, etc. Something must be done.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info.