*********** REPLY SEPARATOR ***********
On 6/12/2001 at 10:24 AM Blake Thornton [EMAIL PROTECTED]
[gregausit/redhat-list] wrote:
>> >
>> >But, I still see hits from this IP.
>> >
>> >Also, can someone tell me how to use the file access.conf
>> >
>> You will still log hits, the web server has to send back it's
>> response......anyway, looks like what you really want to do is use IP
>> chains or eqv to block the IP from that port, or use inetd or xinetd if
>> load allows....
>
>Good points. I guess I should still see the hits.
>
>I don't know how to use ipchains or iptables (I should learn), but this
>isn't what I want in this particular case. I want to deny a specific user
>and see if they are attempting to get in.
>
>Also, how can I deny a block of IP addresses in apache.
>
Ok, above does not make sense, deny a user, but then deny a block ?
There really is a lot you can do, but if you want to do this properly, you
should start on the right foot.
You could try using 63.228.212.0 or 63.228.212 to restrict the
block, but I do not know what Apache you use. You would be better off
taking Apache out of standalone mode and using inetd or eqv. to
restrict/allow access, remember in the server root config changes effect
every connection.
Tailing the log, or running a script in cron will tell you if this IP is
attempting access..
grep 63.228.212 <logfile> is one way, to send an alert
grep 63.228.212 <logfile> | mail root -s Alert
do not use the access.conf for ANYTHING, only config file should be
http(s)d.conf
That should get you out of trouble......
Regards
Greg Wright
--
IT Consultant Sydney Australia PH 0418 292020 -- Int. +61 418 292020
Available for Global Contracts US Fax -- 801 740 2874
Web http://www.ausit.com E-mail Greg AT AusIT.com
Trading As - AAA Computers -- providers of IT services.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
