On Mon, 2017-01-09 at 11:06 -0600, John R. Dennison wrote:
> On Mon, Jan 09, 2017 at 04:23:05PM +0000, Always Learning wrote:
> >
> > Agreed. One of my Apache defences is to redirect probes/hacks to
> > 127.0.0.1 :-)
>
> Would you be willing to share this rewrite rule with the list, please?
> Some may find it useful. Thank you.
(1) Hosting several web sites on a single IPv4 address.
(2) Create Apache Virtual Hosts for each web site plus one extra.
(3) Assuming the IP address is 1.2.3.4 and that IP address has a host
name of dummy.domain.com *and* no web site is hosted with the name
dummy.domain.com
(4) The 'extra' Apache Virtual Host file contains ....
<VirtualHost 1.2.3.4:80 dummy.domain.com:80>
DocumentRoot /prod/web/domains/dummy/
ServerName 1.2.3.4
CustomLog ............
ErrorLog ...........
HostnameLookups Off
<Directory /prod/web/domains/dummy/>
Header set Access-Control-Allow-Methods "GET"
Order Deny,Allow
Allow from all
RedirectMatch permanent ^/(.*)$ http://127.0.0.1/
</Directory>
</VirtualHost>
(5) Any attempt to access:-
* using the IP address as a web site host name, or
* the host name of the IP address as a web site host name,
is diverted to 127.0.0.1
--
Regards,
Paul.
England, EU. England's place is in the European Union.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
