httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nelson, Robert D." <RDNel...@Mail.Donaldson.com>
Subject RE: Blocking requests..
Date Thu, 22 Aug 2002 14:13:57 GMT
Anders:

Even if you deny the requests they are still coming in through your pipe.
Denying the requests at the web server level will only save you a bit of
server resources because the server will not attempt to look for the
requested resource.

You can use...

 Deny from 1.2.3.4

...to deny from a particular IP.  You can also do this by hostname.  Of
course, by default Apache will still return a 403 response (instead of a
404) so you're really not saving bandwidth there.

As far as dropping by requested URL you can do this via mod_rewrite.  Again,
the server will still process the request and return whatever response you
tell it to.

The only way I know of to actually drop requests is on the network side, not
the web server.  You may want to call your upstream provider to see what
kind of options they have for this.

 ~ Robert


> -----Original Message-----
> From: Julian Grunnell [mailto:jgrunnell@firstnet.net.uk]
> Sent: Thursday, August 22, 2002 8:48 AM
> To: users@httpd.apache.org
> Subject: RE: Blocking requests..
> 
> 
> Use deny from?
> 
> -----Original Message-----
> From: Anders Widman [mailto:andewid@tnonline.net] 
> Sent: 22 August 2002 14:46
> To: users@httpd.apache.org
> Subject: Blocking requests..
> 
> 
> 
>    Hello...
> 
>    Is there any way I can block (drop) all requests from an IP if a
>    request match a specific URL?
> 
>    There are some sorts of viruses running around here and they eat up
>    my bandwidth and resources by requesting URLs like these:
>    
>    /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
>    /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1
>    ...
> 
>    I want Apache to drop and not respond to these requests, and
>    perhaps all requests from that IP. Is that possible?
> 
>    Thanks,
>    Anders
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message