httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mauricio Tavares <raubvo...@gmail.com>
Subject Re: [users] https and DHE-RSA-AES256-SHA
Date Wed, 04 Jun 2014 19:03:38 GMT
On Wed, Jun 4, 2014 at 2:55 PM, MM <finjulhich@gmail.com> wrote:
> Hi,
>
> I run a personal https at home with no official certificate. The hostname I
> use is a dynamic dns hostname.
> Apache/2.4.9 OpenSSL/1.0.1e-fips PHP/5.5.12 SVN/1.8.8 mod_perl/2.0.9-dev
> Perl/v5.18.2
>
>
> On ssl_request I see a couple of entries like this:
>
> TLSv1 DHE-RSA-AES256-SHA "GET /vtigercrm/ HTTP/1.1" 287
> TLSv1 DHE-RSA-AES256-SHA "GET /vtigercrm/vtigerservice.php HTTP/1.1" 304
> TLSv1 DHE-RSA-AES256-SHA "GET
> /vtigercrm/graph.php?current_language=../../../../../../../..//etc/elastix.conf%00&module=Accounts&action
> HTTP/1.1" 296
> TLSv1 DHE-RSA-AES256-SHA "GET /vtigercrm/ HTTP/1.1" 287
>
> from undesired clients.
>
> Is there a way to limit the IPs of clients that http/https queries can come
> from?

Would this help?

http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow

There is also fail2ban. And you could setup your firewall to restrict
which IPs can reach server on the proper port

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message