Apache Server configuration support - automatic deny IP list

Author

automatic deny IP list

Zbigniew Lisiecki

2005-12-25, 7:48 am

Hi,
my apache receives more than 10 illegal queries a day,
trying too long url, SQL-injection and the simmilar abuse.
My script is capable to recognize such abusing IPs.
How could i put this IP list back to apache to deny
access for them ?

This question appeard several time on google,
but i couldn't find the answere.
..htaccess seems not the best solution.
I also don't want to solve it directly with iptables.
Accually I'd like most apache to maintain such a list of
bad IPs in it's own RAM. I'd provide the IP list in a file
and sync apache to reread it when i decide to.
Do i have to write my own module ?
I can hardly belive nobody has written it yet.

best regards
zbyszek lisiecki
--
http://zbyszek.evot.org

Davide Bianchi

2005-12-25, 7:48 am

On 2005-12-25, Zbigniew Lisiecki <zbyszek@evot.org> wrote:
> My script is capable to recognize such abusing IPs.
> How could i put this IP list back to apache to deny
> access for them ?

I suggest to use a firewall instead than apache. Block them at Kernel
level and not at application level. Anyway, nothing stops you to put them
in a deny list and then restart Apache.

Davide

--
My Beowulf cluster will beat your Windows NT network any day.
-- wbogardt@gte.net

Zbigniew Lisiecki

2005-12-25, 7:48 am

Davide Bianchi wrote:

> On 2005-12-25, Zbigniew Lisiecki <zbyszek@evot.org> wrote:
>
> I suggest to use a firewall instead than apache. Block them at Kernel
> level and not at application level. Anyway, nothing stops you to put them
> in a deny list and then restart Apache.

Hi Dave, i have a lot of quite another traffic on this server.
for example i don't want to check if each mail packet fits the
criteria of beeing denied by apache.

How would you maintain a deny list in apache ?
With .htaccess ? How to do it ?

z
--
http://zbyszek.evot.org