Hi,
I'm new to this, and I'm no specialist in Apache, sorry.
My site is bombarded by POST requests from a site identifying itself like
123.123.123.123.word.word.word.word
A "deny from" instruction with a string trying to match this in .htaccess does not appear to work
(though other abusers with simple IP's I can get barred this way).
The leading IP is always a fake, and it is changed every time they POST new crap. A safe criterion
must focus on the word-part.
Do you have a working string for me? Can you suggest another method?
(I have made a change to the mailto.cgi script that sends the crap into /dev/null, exploiting a
mistake in the form data that they are sending, but soon they'll find out, and I want to be a step
ahead of them).
Thanks in advance
--
Med vänliga hälsningar / With best regards yours -----
Hans-Georg Scherneck / A \
---------------------+----------------------------------- | / \ |
. Telephone & -fax | Chalmers University of Technology \ /
. +46 31 772 5556 | Earth and Space Sciences -----
. +46 31 772 5590 fx | & Onsala Space Observatory | |
. E-Mail: | SE-439 92 Onsala, Sweden / \
. h...@chalmers.se | http://www.chalmers.se/rss ----------------
. Ocean Loading Serv.| holt.oso.chalmers.se/loading /===\ ,===//===\
. Gravimeter | holt.oso.chalmers.se/hgs/SCG / /`===,/ /
---------------------+---------------------------------\===//===' \===/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org