On Fri, Jul 18, 2008 at 21:08, Ali Nebi <[EMAIL PROTECTED]> wrote: > Hi, > > i would like to ak how can i block these attempts? > > fcmat_ex.nw1.fcmat.org - - [18/Jul/2008:09:51:30 -0500] "POST > http://lti-mail01.ltinetworks.com:25/ HTTP/1.0" 302 313 "-" "-" > fcmat_ex.nw1.fcmat.org - - [18/Jul/2008:09:51:30 -0500] "GET > http://www.microsoft.com/ HTTP/1.0" 302 304 "-" "Mozilla/4.0 (compatible; > MSIE 6.0; Windows NT 5 > .1; SV1; .NET CLR 1.1.4322)" > fcmat_ex.nw1.fcmat.org - - [18/Jul/2008:09:51:32 -0500] "CONNECT > http://lti-mail01.ltinetworks.com:25 HTTP/1.0" 400 319 "-" "-" > 204.184.43.252 - - [18/Jul/2008:13:05:41 -0500] "GET > http://www.microsoft.com/ HTTP/1.0" 302 304 "-" "Mozilla/4.0 (compatible; > MSIE 6.0; Windows NT 5.1; SV1; > .NET CLR 1.1.4322)" > 204.184.43.252 - - [18/Jul/2008:13:05:41 -0500] "POST > http://lti-mail01.ltinetworks.com:25/ HTTP/1.0" 302 313 "-" "-" > 204.184.43.252 - - [18/Jul/2008:13:05:43 -0500] "CONNECT > http://lti-mail01.ltinetworks.com:25 HTTP/1.0" 400 319 "-" "-" > > > I don't use proxy and it is disabled, but i still get these connections in > access_log. After this, this server is blacklisted from XBL and CBL list > like spammer. > > Please help me to solve this problem. What can i do to block and to prevent > this kind of accesses?
You should realize that whatever you configure in Apache won't keep such log entries from appearing. For example: The "CONNECT" attempts are already being blocked by your server, and apache is logging this (see the 400 status code). If you manage to make Apache block the other requests they will still appear in your logfile. >From some of those log entries I get that proxying is enabled on your server. You need to disable proxy. Krist -- [EMAIL PROTECTED] [EMAIL PROTECTED] Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
