On Mon, Dec 8, 2008 at 9:43 PM, Nikolas Lam <nlam87346@xxxxxxxxxxxxxxxxxxx> wrote: > On Mon, 2008-12-08 at 21:31 -0800, Jose R R wrote: > ... >> I am also looking for insight/recommendations on an utility to stop >> scraping/resource probing like abuses, where an given perpetrator will >> start at the root of the web resources and continue for several >> minutes traversing the whole site(s). > > Check out fail2ban - it monitors your logs and modifies your iptables > entries to block likely abusers for a fixed period (all configurable). > I've found it highly affective against bulk automated brute-force > attacks. > > Nik > > Thanks for pointing out my omission, Nik. I have enabled the following sections in fail2ban jail.local configuration file and I will continue monitoring closely. [apache] enabled = true port = http filter = apache-auth logpath = /var/log/apache*/*error.log maxretry = 6 [apache-noscript] enabled = false port = http filter = apache-noscript logpath = /var/log/apache*/*error.log maxretry = 6 Regards. -- Jose R R http://www.metztli-it.com -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
