************************************************************************
* Do not Cc: me, because I READ THIS LIST, if I write here *
* Keine Cc: am mich, ich LESE DIESE LISTE wenn ich hier schreibe *
************************************************************************
Hello,
on my "devel" server I have a script, which allow me to upload Debian
packages which then are included in my private Debian mirror.
Now I have gotten several 1000 hits in the last days. I call it DoS.
There are idiots who have tried to upload shit on my Webspace but since
I check it to be ONLY Debian files they where not successful.
My biggest problem is, that the "/fileupload.php" was always references
from outside my webspace. OK, I was thinking this can be solved by
using HTTP_REFERER which has then worked for some days but NOW those
pigs are back and sending spoofed HTTP_REFERER.
Since I have only a VHost @ISP I can not go deeper into the Apache2
config what I have done when I was running my own server.
Can anyone suggest me something, how to block requests from outside?
Size limitation is not possibel, since some of my upload files are very
huge and I must be able to upload files without Laptop and FTP/SCP
access.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
<<attachment: signature.pgp>>
