apache log and access control

Gregory Nowak greg at romuald.net.eu.org
Tue Dec 7 13:49:42 EST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chuck, I'd say your best bet is to just let the access attempts pile
up, since there is a good bet that the people trying to find wholes in
your web server are on dynamic IP addresses, so they'll just keep
coming from another IP, in which case the deny lines won't help you
at all.

When I first started running apache 2 years ago or so, I saw all these
things in my access_log, and monitored it for about 3 months. However,
after I noticed that apache was handling these cracking attempts
properly, I stopped looking at my access_log in detail all the
time. As long as you make sure that you stay on top of the apache
upgrades, and are running the latest apache packages, you should be
fine. After all, all these crackers are trying to exploit IIS servers
for the most part.

Greg


On Tue, Dec 07, 2004 at 08:30:29AM -0500, Chuck Hallenbeck wrote:
> Hi Janina,
> 
> Are you suggesting somehow putting a 32 kb string into a google search
> field?  How would one do that?
> 
> I might just let the stuff pile up in my log file rather than modifying
> the apache configuration file several times a day. Apache seems to
> survive those probes and responds to them with an error message. But
> they come to me from all manner of originating ISP's and I do not want
> to block the entire domain from which they originate.
> 
> 
> -- 
> The Moon is Waning Crescent (25% of Full)
> "Things are in the saddle, and they ride mankind." Ralph Waldo Emerson
> Personal site www.hhs48.com, Download site www.mhcable.com/~chuckh
> 
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
> 
> 
> !DSPAM:41b5b082133002005283415!
> 
> 

- -- 
Free domains: http://www.eu.org/ or mail dns-manager at EU.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFBtftG7s9z/XlyUyARAifuAJ44MgrRxq6LXTyeZg2s5bGZIWvMMQCgg0r5
gJ5EQvIbAPmtqQePZZsIK0c=
=mvsJ
-----END PGP SIGNATURE-----




More information about the Speakup mailing list