1 |
On 12 January 2021 18:11:34 CET, thelma@×××××××××××.com wrote: |
2 |
>On 1/11/21 11:32 PM, J. Roeleveld wrote: |
3 |
>[snip] |
4 |
>> If you blocked the IP in the firewall, it shouldn't show in the log. |
5 |
>> |
6 |
>> Add iptables to the webserver and block that IP. |
7 |
>> Personally, I would block the whole range (45.93.201.0/24), which is |
8 |
>either |
9 |
>> linked to Cyprus or Russia (according to whois) |
10 |
>> |
11 |
>> Any block in the apache-config might fail due to a bug or new |
12 |
>configuration. |
13 |
>> |
14 |
>> -- |
15 |
>> Joost |
16 |
> |
17 |
>Asus routers don't have capabilities to block external IP's (I need to |
18 |
>find a better router). |
19 |
>Blocking that IP range in apache works, all the IPs I blocked are |
20 |
>getting 403 error (regardless what they type) |
21 |
>but you might be right, apache 2.4 |
22 |
> SetEnvIf Remote_Addr "45\.93\.201\.104" dontlog (does not work). |
23 |
> |
24 |
>I wish they design blocking by country easier. |
25 |
|
26 |
Asus routers do allow blocking IPs, but it might be less than ideal. |
27 |
|
28 |
I would add a firewall to your webserver and block the full ranges using that. Any bug in apaches blocking WILL leave you open to a hack. |
29 |
|
30 |
-- |
31 |
Joost |
32 |
-- |
33 |
Sent from my Android device with K-9 Mail. Please excuse my brevity. |