Welcome to MobyThreads.com!
FAQFAQ   SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log in/Register/PasswordLog in/Register/Password

denyhosts for apache?

  
   Web Hosting and Web Master Forums (Home) -> Apache RSS
Related Topics:
Apache Log IP Via - Hi to all, i have an apache external and more apache internal. On external Apache I set more and with mod_proxy talk with all internal apache. For example: On ProxyPass / /..

Apache og ASP ? - Hello Can anyone here explain to me, if it is in Apache .conf file or somewhere in Sun One ASP I should configure the so my users cannot see anything but there own directory on the Apache server ? The situation is as

apache 2 and php on mac - what lines do i need in the httpd and what files or other do i need to get it in. macosx 10.3.5 and have switched to a fink so that may involve some heavy dancing. jimt

ASP.Net under Apache - Is there a module for Apache that allows the running of ASP.Net? Perhaps uses Mono?

apache not doing any PHP. - Hi I'm running Apache 1.3 with mod_php4 on a suse 9.0 box. However when a client tries to open a the file download dialog opens instead of showing the contents of the page. The PHP Module seems to be loaded my has the..
Author Message
ivowel

External


Since: Oct 08, 2007
Posts: 1



(Msg. 1) Posted: Mon Oct 08, 2007 12:59 pm
Post subject: denyhosts for apache?
Archived from groups: alt>apache>configuration (more info?)
dear experts: I seem to get a lot of brute force attacks these days
on my server. (auth.log shows it as tons of POSSIBLE BREAK-IN
ATTEMPTS).

there is a nice ssh tool called denyhosts, that basically blacklists
an IP address or IP host after X failed login attempts. Is there
something like this for apache, preferably simple and easy?

pointers appreciated.

regards,

/iaw

 >> Stay informed about: denyhosts for apache? 
Back to top
Login to vote
mkimmick

External


Since: Oct 22, 2007
Posts: 1



(Msg. 2) Posted: Mon Oct 22, 2007 4:24 pm
Post subject: Re: denyhosts for apache? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
On Oct 8, 9:55 am, ivo... DeleteThis @gmail.com wrote:
> dear experts: I seem to get a lot of brute force attacks these days
> on my server. (auth.log shows it as tons of POSSIBLEBREAK-INATTEMPTS).
>
> there is a nice ssh tool called denyhosts, that basically blacklists
> an IP address or IP host after X failed loginattempts. Is there
> something like this forapache, preferably simple and easy?
>
> pointers appreciated.
>
> regards,
>
> /iaw



Automatic blacklisting of IPs for ssh brute force attacks can also be
accomplished using iptables on a linux box. The iptables rules are on
our website at http://www.nichewares.com/docs/sshbruteforce.shtml

However, I'm also looking for something similar for apache (which is
how I came across your post), and other than parsing log files, I
haven't found an easy straight forward solution. I see a bunch of
attempts to access content that's either protected or non-existent on
our servers, and I'd like to simply blacklist IPs for host
perpetrating these actions.

I did quickly find mod_security, but at first glance, it looks rather
complicated. I need to read more about it though.

If you come across a good tool for apache, please post back!


Regards,

Michael W. Kimmick, M.S.
Redhat Certified Engineer
Nichewares & Consulting, LLC

 >> Stay informed about: denyhosts for apache? 
Back to top
Login to vote
Display posts from previous:   
   Web Hosting and Web Master Forums (Home) -> Apache All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]