httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jorge Schrauwen <jorge.schrau...@gmail.com>
Subject Re: [users@httpd] Stealthing a vhost
Date Thu, 27 May 2010 12:33:42 GMT
The sane sultion would be to setup a default host (first vhost == default)
and just deny all access to it.

You'll still get hit but all requests without a hostname get denied.

~Jorge


On Thu, May 27, 2010 at 1:10 PM, Peter Horn <peter.horn@bigpond.com> wrote:

> J Greenlees wrote:
>
> >personally, I would consider a permanent redirect to 127.0.0.1 for all but
> your one excepted case on access of the default virtual host.
> >their bots will screw their own server that way. ;)
>
> Sorry to bring you the bad news, Jaqui, but bots don't respect redirection.
> I suspect they discard any response not bearing 200. I tried the 127.0.0.1
> trick months ago to no effect, and have also tried redirection into private
> IP address space (eg 10.x.x.x). So I guess I'll just continue to suffer in
> (relative) silence. [If redirection did work on bots, I was going to find
> the most evil virus-ridden hellhole to send them to!]
>
>
> Igor Cicimov wrote:
>
> >Ok for the first problem, apache responding to the OPTIONS request...What
> about Limit and LimitExcept commands? Limiting the >OPTIONS to the local
> network or blocking them totally maybe?
>
> I'm not too concerned about OPTIONS - it isn't used in any intrusion
> attempts, and IS used on my local network.  I mentioned it just to point out
> that it's a server thing, not a vhost one.
>
> Regards and thanks,
> Peter
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message