httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matus UHLAR - fantomas <uh...@fantomas.sk>
Subject Re: [users@httpd] Attack on my reverse proxy server
Date Tue, 12 Jun 2012 11:05:11 GMT
On 12.06.12 00:42, Ruiyuan Jiang wrote:
>We see some attack on our apache reverse proxy server.
>
>180.211.101.213 - - [11/Jun/2012:11:30:00 -400] "POST / HTTP/1.0" 301 324
>201.243.47.144 - - [11/Jun/2012:11:30:00 -400] "POST / HTTP/1.0" 400 226
>113.162.230.163 - - [11/Jun/2012:11:30:00 -400] "POST / HTTP/1.0" 503 323
>
>How can we block those activities on the apache server? Thanks.

if your server is accessible from the internet, such attacks _will_ come.
you should make sure that such attacks won't affect its functionality.

you can watch logs for that kind of activities and e.g. block source 
IPs in firewall (a.g. using fail2ban).

There apparently are apache modules that can to something similar 
internally.
-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
A day without sunshine is like, night.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message