| 1 |
On Tuesday, January 12, 2021 5:22:20 AM CET thelma@×××××××××××.com wrote: |
| 2 |
> On 1/11/21 9:15 PM, mad.scientist.at.large@××××××××.com wrote: |
| 3 |
> > --"Fascism begins the moment a ruling class, fearing the people may use |
| 4 |
> > their political democracy to gain economic democracy, begins to destroy |
| 5 |
> > political democracy in order to retain its power of exploitation and |
| 6 |
> > special privilege." Tommy Douglas |
| 7 |
> [snip] |
| 8 |
> |
| 9 |
> >> I forgot to mention, my firewall doesn't have any capabilities to enter |
| 10 |
> >> any configuration in IP tables. Maybe I'll look for one that does. |
| 11 |
> > |
| 12 |
> > That would be the thing to do. You want everything logged, so you know |
| 13 |
> > what is happening. If you blocked the logging how would you know if they |
| 14 |
> > made progress. You want to know when people are trying to break in, and |
| 15 |
> > you want to know when their tactics change. Not logging it is like |
| 16 |
> > plugging your' ears and closing your' eyes while the battering ram is |
| 17 |
> > pounding your' door... |
| 18 |
> If I blocked the IP already, why would I want to log anything about that IP; |
| 19 |
> they will will be denied access regardless. |
| 20 |
|
| 21 |
If you blocked the IP in the firewall, it shouldn't show in the log. |
| 22 |
|
| 23 |
Add iptables to the webserver and block that IP. |
| 24 |
Personally, I would block the whole range (45.93.201.0/24), which is either |
| 25 |
linked to Cyprus or Russia (according to whois) |
| 26 |
|
| 27 |
Any block in the apache-config might fail due to a bug or new configuration. |
| 28 |
|
| 29 |
-- |
| 30 |
Joost |
Archives