httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matus UHLAR - fantomas <uh...@fantomas.sk>
Subject Re: Dummy vhost for intruders - comments please
Date Wed, 17 Dec 2008 15:25:14 GMT
On 17.12.08 10:13, Peter Horn wrote:
> I don't think this is quite off-topic, just a bit left of centre. :-\
> I run a small site with two subdomains of no-ip.org (like dyndns) using 
> NameVirtualHost. Looking at the access log, a few percent of my traffic 
> was from bots like Morfeus F***ing Scanner [my censorship], intrusion 
> attempts (e.g. GET /login_page.php) and just plain old "wrong numbers". 
> Nothing from what I'd think of as "good" bots (Google, etc.) Initially, 
> I added a first (i.e. default) vhost to serve a page saying "If you 
> don't know the URL, I'm not telling you." Then I refined this with the 
> obvious "Deny from all".
> While this is definitely effective, do you consider it 
> honourable/ethical/sneaky/clever/dumb/whatever? Are there any likely 
> side-effects?

I did something alike, a default-only virtual host. Requires some hacking,
not accepted as bug :(
https://issues.apache.org/bugzilla/show_bug.cgi?id=39910
-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
My mind is like a steel trap - rusty and illegal in 37 states. 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message