Marc wrote:
> I still need to get familiar with nft. Currently I am using ipset
NFT has an equivalent -- also called a set. Here are excerpts from my
configuration that show how addresses and ranges appear in a set and how a set
is blocked.
Defining the set of real-time intrusions:
set S
> > using the NTP firewall
>
> Sorry, using the NFT firewall.
>
I still need to get familiar with nft. Currently I am using ipset, adding ip's
with scripts. But ipset is preconfigured for specific netmask /24 /X. So at
some point your /24 is getting full with 65k entries. It would be nice if
metaed borked:
> using the NTP firewall
Sorry, using the NFT firewall.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Marc wrote:
> Anyone having a suggestion on how to block cloud crawlers/bots? Obviously I
> would like search engine bots to have access, but all the other crap I want to
> lose. Only 'real users'.
I take a three-pronged approach, using the NTP firewall and some scripts.
1. db-ip.com keeps a list
I would even state that >80% of your server load is crap, if you don't block
any ranges. Besides that you open yourself up to vulnerability checks and
monitoring for domain hijacking etc.
>
> Does the traffic from those cloud ranges have any significant impact on
> your server performance?
>
>
Does the traffic from those cloud ranges have any significant impact on
your server performance?
On Tue, Sep 12, 2023 at 10:33 AM Marc wrote:
>
> Anyone having a suggestion on how to block cloud crawlers/bots? Obviously
> I would like search engine bots to have access, but all the other crap I
>
