Hello,
Because everyone needs to try several ways of skinning a cat before
finding their preferred method....
I always configure denyhosts with:
    HOSTS_DENY = /etc/denyhosts.blocked
    BLOCK_SERVICE =
Which gives you a very nice file of exactly what denyhosts has blocked,
doesn't mess with your existing hosts.deny, etc., and put a global:
    ALL : /etc/denyhosts.blocked : DENY
in hosts.allow. (I wish that were the default debian setup.) In a
quick search I see an apache module that should be able to use this file
directly to block requests:
http://www.modsecurity.org/
I've never used that module, but in a quick glance at the
documentation it looks to be capable with pmFromFile:
http://www.modsecurity.org/documentation/modsecurity-apache/2.5.7/modsecurity2-apache-reference.html#N11BFB
That would save script writing to convert to "Deny from .." syntax, but
I don't know if it solves the need to reload apache or not. And of
course firewall rules may serve you better, but....
Jesse
On Tue, 2008-10-28 at 23:19 +0100, Nils Breunese (Lemonbit) wrote:
> > Also, Apache must be restarted AFAIK in order to block an attacker
> > using its internal ALLOW/DENY rules. Of course, you could block it
> > at the kernel level w/ iptables if you wanted.
>
> That's what fail2ban does by default: it creates firewall rules.
--
Jesse Norell
Kentec Communications, Inc.
[EMAIL PROTECTED]
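
The conversion script mentioned above (blocked file to "Deny from .." lines), as an added example that is not part of the original post. The sample file contents, the assumed line formats and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of /etc/denyhosts.blocked (documentation-range addresses).
# Bare addresses are what an empty BLOCK_SERVICE is assumed to produce; the
# "sshd: ADDR" form is accepted too in case a service name was once set.
SAMPLE_BLOCKED = """\
# DenyHosts: Tue Oct 28 21:02:11 2008 | 192.0.2.15
192.0.2.15
sshd: 198.51.100.7
2001:db8::bad
192.0.2.15
not-an-address
203.0.113.300
"""


def parse_blocked(text):
    """Return (addresses, rejected_lines); addresses are validated and unique."""
    addrs, rejected, seen = [], [], set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        # Try the whole line first (bare IPv4/IPv6), then the part after "service:".
        for candidate in (line, line.partition(":")[2].strip()):
            try:
                ip = str(ipaddress.ip_address(candidate.strip("[]")))
            except ValueError:
                continue
            if ip not in seen:
                seen.add(ip)
                addrs.append(ip)
            break
        else:
            # Never copy unvalidated text into a web server config file.
            rejected.append(line)
    return addrs, rejected


def to_apache_deny(addrs):
    """Render one 'Deny from ADDR' line per address."""
    return "".join(f"Deny from {a}\n" for a in addrs)


if __name__ == "__main__":
    good, bad = parse_blocked(SAMPLE_BLOCKED)
    print(to_apache_deny(good), end="")
    print(f"# skipped {len(bad)} unparseable line(s)")
```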