| 1 |
On 12 January 2021 18:11:34 CET, thelma@×××××××××××.com wrote: |
| 2 |
>On 1/11/21 11:32 PM, J. Roeleveld wrote: |
| 3 |
>[snip] |
| 4 |
>> If you blocked the IP in the firewall, it shouldn't show in the log. |
| 5 |
>> |
| 6 |
>> Add iptables to the webserver and block that IP. |
| 7 |
>> Personally, I would block the whole range (45.93.201.0/24), which is |
| 8 |
>either |
| 9 |
>> linked to Cyprus or Russia (according to whois) |
| 10 |
>> |
| 11 |
>> Any block in the apache-config might fail due to a bug or new |
| 12 |
>configuration. |
| 13 |
>> |
| 14 |
>> -- |
| 15 |
>> Joost |
| 16 |
> |
| 17 |
>Asus routers don't have capabilities to block external IP's (I need to |
| 18 |
>find a better router). |
| 19 |
>Blocking that IP range in apache works, all the IPs I blocked are |
| 20 |
>getting 403 error (regardless what they type) |
| 21 |
>but you might be right, apache 2.4 |
| 22 |
> SetEnvIf Remote_Addr "45\.93\.201\.104" dontlog (does not work). |
| 23 |
> |
| 24 |
>I wish they design blocking by country easier. |
| 25 |
|
| 26 |
Asus routers do allow blocking IPs, but it might be less than ideal. |
| 27 |
|
| 28 |
I would add a firewall to your webserver and block the full ranges using that. Any bug in apaches blocking WILL leave you open to a hack. |
| 29 |
|
| 30 |
-- |
| 31 |
Joost |
| 32 |
-- |
| 33 |
Sent from my Android device with K-9 Mail. Please excuse my brevity. |
Archives