Re: [gentoo-user] preventing some IP's from from being logged in apache

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

From: "J. Roeleveld" <joost@antarean.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] preventing some IP's from from being logged in apache
Date: Tue, 12 Jan 2021 07:32:04 +0100	[thread overview]
Message-ID: <5448876.DvuYhMxLoT@iris> (raw)
In-Reply-To: <b47fae06-8afe-62e9-035e-97ea3981f84d@sys-concept.com>

On Tuesday, January 12, 2021 5:22:20 AM CET thelma@sys-concept.com wrote:
> On 1/11/21 9:15 PM, mad.scientist.at.large@tutanota.com wrote:
> > --"Fascism begins the moment a ruling class, fearing the people may use
> > their political democracy to gain economic democracy, begins to destroy
> > political democracy in order to retain its power of exploitation and
> > special privilege." Tommy Douglas
> [snip]
> 
> >> I forgot to mention, my firewall doesn't have any capabilities to enter
> >> any configuration in IP tables. Maybe I'll look for one that does.
> > 
> > That would be the thing to do.  You want everything logged, so you know
> > what is happening.  If you blocked the logging how would you know if they
> > made progress.  You want to know when people are trying to break in, and
> > you want to know when their tactics change.  Not logging it is like
> > plugging your' ears and closing your' eyes while the battering ram is
> > pounding your' door...
> If I blocked the IP already, why would I want to log anything about that IP;
> they will will be denied access regardless.

If you blocked the IP in the firewall, it shouldn't show in the log.

Add iptables to the webserver and block that IP.
Personally, I would block the whole range (45.93.201.0/24), which is either 
linked to Cyprus or Russia (according to whois)

Any block in the apache-config might fail due to a bug or new configuration.

--
Joost

next prev parent reply	other threads:[~2021-01-12  6:32 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-11 23:05 [gentoo-user] preventing some IP's from from being logged in apache thelma
2021-01-11 23:41 ` Michael
2021-01-12  0:00   ` thelma
2021-01-12  0:09     ` thelma
2021-01-12  4:15       ` mad.scientist.at.large
2021-01-12  4:22         ` thelma
2021-01-12  6:32           ` J. Roeleveld [this message]
2021-01-12 17:11             ` thelma
2021-01-12 17:26               ` J. Roeleveld
2021-01-12 18:51               ` antlists

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5448876.DvuYhMxLoT@iris \
    --to=joost@antarean.org \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox