| Evan Cooch 2004-06-09, 8:33 am |
| Greetings -
I'm running apache 2.0.49 with mod_ssl/2.0.49, PHP/4.3.7 and OpenSSL/0.9.7d,
under RH GNU/Linux. Recently, I've been getting 100's of hits from a a machine
in the CompSci department at an large not-to-be-named university on the West
Coast. While I'm not entirely sure what its up to (experiemental search bot?), I
decided to try to deny them access until I can figure out the details.
So, simple enough - or so I thought. I simply hack my httpd.conf file, using a
'deny from' directive.
Lets pretend the name of the offedning machine is annoying.box.edu
Near the top of my httpd.conf file I have
<Directory "/home/www/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
# prevent accesses from abusive location
deny from annoy.box.edu
</Directory>
I restart apache, and assume connections to port 80 from annoying.box.edu will
be denied.
Alas - no such luck. When I look at the serve status, or read the logs, I see
said machine is still happily connecting away.
Weird - I know 'deny from' usually* works - if I put 'deny from' my desktop
machine, my web server does just as expected - it denies access to port 80 from
my desktop machine.
So, how can a machine that I explicitly 'deny from' in my httpd.conf file still
be able to access my web server? Any ideas welcomed.
Thanks in advance...
|