Gentoo Archives: gentoo-user

From:	Michael <confabulate@××××××××.com>
To:	gentoo-user@l.g.o
Subject:	Re: [gentoo-user] preventing some IP's from from being logged in apache
Date:	Mon, 11 Jan 2021 23:42:11
Message-Id:	`7199466.EvYhyI6sBW@lenovo.localdomain`
In Reply to:	[gentoo-user] preventing some IP's from from being logged in apache by thelma@sys-concept.com

1	On Monday, 11 January 2021 23:05:55 GMT thelma@×××××××××××.com wrote:
2	> I've one persistent user (Russian IP) that is populating my apache log
3	> files.
4	>
5	> I tried 00_mod_log_config.conf
6	>
7	> SetEnvIf Remote_Addr "45\.93\.201\.104" dontlog
8	> CustomLog /var/log/apache2/deflate_log deflate env=!dontlog
9	> CustomLog /var/log/apache2/access_log common env=!dontlog
10	>
11	> But I still see this IP in my access_log.
12
13	If it is the same IP address persistently attacking the server, I would be
14	tempted to block it, or the whole /24 subnet it belongs to, at the perimeter
15	firewall. Of course, persistent actors will hop off another IP address, so
16	there are diminishing returns in this game.

File name	MIME type
signature.asc	application/pgp-signature

Subject	Author
Re: [gentoo-user] preventing some IP's from from being logged in apache	thelma@×××××××××××.com