> -----Original Message----- > From: dtufs [mailto:dtufs@xxxxxxxxx] > Sent: Sonntag, 19. Juni 2005 11:21 > To: users@xxxxxxxxxxxxxxxx > Subject: [users@httpd] How to close connection instead of sending 403? > > > We have been trying to cut down our bandwidth usage by > disallowing access for many spammers and malevolent > bots. We are currently doing it via .htaccess and > respond with the "403 Forbidden" code. > > However, this still costs us some bandwidth. What we > would like to do is close the connection without even > responding to any bad's visitor request. Bad visitor > is detected by examining the user agent and/or > referrer, or requested URI (never by examining the IP > address). The point to understand is that the internet is a layered communication system. There are actually seven layers in the model (see http://www.webopedia.com/quick_ref/OSI_Layers.asp) but for this discussion the only two that are important are the TCP/IP layer (network/transport) and the HTTP layer (application). As annoying as the requests might be to you, they are valid TCP/IP packets so the network/transport layer is required to deliver them. Only when you get to the HTTP layer (and see the contents) can you decide you don't want them. Apache is an application and can only block at the HTTP layer - it can't interfere with TCP/IP. Similarly, anything that works at the TCP/IP layer (bridge, FW, router) *cannot* interfere with the contents of the packets. It's like you say to your secretary, "I don't want to see any more letters from Fred Bloggs". You secretary (apache) can open your letters for you and bin any from Fred Bloggs but she can't stop the postman delivering them. Also, you can't ask the postman not to deliver letters from certain people since he's not allowed to open the mail before he delivers it to you. So the bottom line is that you can't do it like you want... Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > Is this possible to do on Apache (running on Red Hat)? > Thanks in advance. > > > > __________________________________ > Yahoo! Mail > Stay connected, organized, and protected. Take the tour: > http://tour.mail.yahoo.com/mailtour.html > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|