Re: Apache attacks - you can't stop them, or can you?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 03/06/2013 07:17 AM, Robert Moskowitz wrote:
> So I have this nice, simple web server up running.  Its purpose is to 
> allow me external testing with HIP, and to provide some files for 
> external distribution.  Of course, there it is sitting on port 80 and 
> the attacks are coming in per logwatch report.  Examples from the report 
> include:
>
>   Requests with error response codes
>      404 Not Found
>         //phpMyAdmin-2.5.1/scripts/setup.php: 1 Time(s)
>         //phpMyAdmin-2.5.4/scripts/setup.php: 1 Time(s)
>         //phpMyAdmin-2.5.5-pl1/scripts/setup.php: 1 Time(s)
>         //phpMyAdmin-2.5.5-rc1/scripts/setup.php: 1 Time(s)
>         //phpMyAdmin-2.5.5-rc2/scripts/setup.php: 1 Time(s)
>         /muieblackcat: 1 Time(s)
>         /myadmin/scripts/setup.php: 2 Time(s)
>         /mysql-admin/scripts/setup.php: 1 Time(s)
>         /mysql/scripts/setup.php: 1 Time(s)
>         /mysqladmin/scripts/setup.php: 2 Time(s)
>         /mysqlmanager/scripts/setup.php: 1 Time(s)
>
> Now these are only a few, though I am probably not being hit as hard as 
> others out there.
>
> My question is:
>
> Is there a way to shut this nonsense down?  Or because I am sending the 
> 404, I am doing all that is reasonable to do?
>
> I am wondering that if this list starts getting long, that is a lot of 
> logging and I probably don't need to log 404s?

There is also mod_security ...

http://people.centos.org/hughesjr/mod_security/

You can read about what it is here:

http://www.modsecurity.org/



Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux