The sane sultion would be to setup a default host (first vhost == default) and just deny all access to it.
You'll still get hit but all requests without a hostname get denied. ~Jorge On Thu, May 27, 2010 at 1:10 PM, Peter Horn <peter.h...@bigpond.com> wrote: > J Greenlees wrote: > > >personally, I would consider a permanent redirect to 127.0.0.1 for all but > your one excepted case on access of the default virtual host. > >their bots will screw their own server that way. ;) > > Sorry to bring you the bad news, Jaqui, but bots don't respect redirection. > I suspect they discard any response not bearing 200. I tried the 127.0.0.1 > trick months ago to no effect, and have also tried redirection into private > IP address space (eg 10.x.x.x). So I guess I'll just continue to suffer in > (relative) silence. [If redirection did work on bots, I was going to find > the most evil virus-ridden hellhole to send them to!] > > > Igor Cicimov wrote: > > >Ok for the first problem, apache responding to the OPTIONS request...What > about Limit and LimitExcept commands? Limiting the >OPTIONS to the local > network or blocking them totally maybe? > > I'm not too concerned about OPTIONS - it isn't used in any intrusion > attempts, and IS used on my local network. I mentioned it just to point out > that it's a server thing, not a vhost one. > > Regards and thanks, > Peter > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
