--On Sunday, August 21, 2011 2:51 AM +0100 Always Learning <centos@xxxxxxxxxxx> wrote: > I am acutely conscious of being locked-out. I can get in remotely via > the console. However the very first entries in every server's iptables > have always been to allow 3 static IPs access. 3test comes later on in > the sequence, ensuring what happens there should never lock me out. To reduce the attack surface, create a script that can only update that subtable with a supplied IP address and then invoke it by sudo. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Apache Changing IPtables C 5.6 via Apache
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Apache Changing IPtables C 5.6 via Apache
- From: Kenneth Porter <shiva@xxxxxxxxxxxxxxx>
- Date: Sat, 20 Aug 2011 22:55:58 -0700
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <1313887875.4263.68.camel@m6.u226.com>
- References:
- Apache Changing IPtables C 5.6 via Apache
- From: Always Learning
- Re: Apache Changing IPtables C 5.6 via Apache
- From: Craig White
- Re: Apache Changing IPtables C 5.6 via Apache
- From: Always Learning
- Apache Changing IPtables C 5.6 via Apache
- Prev by Date: Re: Apache Changing IPtables C 5.6 via Apache
- Next by Date: Re: Apache Changing IPtables C 5.6 via Apache
- Previous by thread: Re: Apache Changing IPtables C 5.6 via Apache
- Next by thread: Re: Apache Changing IPtables C 5.6 via Apache
- Index(es):
 |