httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hans-Georg Scherneck <...@chalmers.se>
Subject [users@httpd] Denying access for a complicated bugger address
Date Tue, 30 Sep 2014 17:16:10 GMT
Hi,
I'm new to this, and I'm no specialist in Apache, sorry.
My site is bombarded by POST requests from a site identifying itself like
123.123.123.123.word.word.word.word
A "deny from" instruction with a string trying to match this in .htaccess does not appear
to work 
(though other abusers with simple IP's I can get barred this way).
The leading IP is always a fake, and it is changed every time they POST new crap. A safe criterion

must focus on the word-part.
Do you have a working string for me? Can you suggest another method?

(I have made a change to the mailto.cgi script that sends the crap into /dev/null, exploiting
a 
mistake in the form data that they are sending, but soon they'll find out, and I want to be
a step 
ahead of them).
Thanks in advance

-- 
Med vänliga hälsningar / With best regards yours             -----
Hans-Georg Scherneck                                       /   A   \
---------------------+----------------------------------- |   / \   |
. Telephone & -fax   | Chalmers University of Technology   \       /
. +46 31 772 5556    | Earth and Space Sciences              -----
. +46 31 772 5590 fx | & Onsala Space Observatory             | |
. E-Mail:            | SE-439 92  Onsala, Sweden             /   \
. hgs@chalmers.se    | http://www.chalmers.se/rss       ----------------
. Ocean Loading Serv.| holt.oso.chalmers.se/loading     /===\ ,===//===\
. Gravimeter         | holt.oso.chalmers.se/hgs/SCG    /    /`===,/    /
---------------------+---------------------------------\===//===' \===/


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message