apache log and access control

Chuck Hallenbeck chuckh at hhs48.com
Tue Dec 7 14:14:20 EST 2004


Greg,

Thanks. That sounds like good advice. This is my first experience with a
web server, so I am sort of feeling my way into it. None of these folks
probing my server is telling me his agent string or referer source, and
the diversity of originating IP addresses is amazing. I guess I'll just
let the access log pile up for a while and rotate it regularly.

Chuck


On Tue, 7 Dec 2004, Gregory Nowak wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Chuck, I'd say your best bet is to just let the access attempts pile
> up, since there is a good bet that the people trying to find wholes in
> your web server are on dynamic IP addresses, so they'll just keep
> coming from another IP, in which case the deny lines won't help you
> at all.
>
> When I first started running apache 2 years ago or so, I saw all these
> things in my access_log, and monitored it for about 3 months. However,
> after I noticed that apache was handling these cracking attempts
> properly, I stopped looking at my access_log in detail all the
> time. As long as you make sure that you stay on top of the apache
> upgrades, and are running the latest apache packages, you should be
> fine. After all, all these crackers are trying to exploit IIS servers
> for the most part.
>
> Greg
>
>
> On Tue, Dec 07, 2004 at 08:30:29AM -0500, Chuck Hallenbeck wrote:
>> Hi Janina,
>>
>> Are you suggesting somehow putting a 32 kb string into a google search
>> field?  How would one do that?
>>
>> I might just let the stuff pile up in my log file rather than modifying
>> the apache configuration file several times a day. Apache seems to
>> survive those probes and responds to them with an error message. But
>> they come to me from all manner of originating ISP's and I do not want
>> to block the entire domain from which they originate.
>>
>>
>> --
>> The Moon is Waning Crescent (25% of Full)
>> "Things are in the saddle, and they ride mankind." Ralph Waldo Emerson
>> Personal site www.hhs48.com, Download site www.mhcable.com/~chuckh
>>
>> _______________________________________________
>> Speakup mailing list
>> Speakup at braille.uwo.ca
>> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>>
>>
>> !DSPAM:41b5b082133002005283415!
>>
>>
>
> - --
> Free domains: http://www.eu.org/ or mail dns-manager at EU.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
>
> iD8DBQFBtftG7s9z/XlyUyARAifuAJ44MgrRxq6LXTyeZg2s5bGZIWvMMQCgg0r5
> gJ5EQvIbAPmtqQePZZsIK0c=
> =mvsJ
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>

-- 
The Moon is Waning Crescent (23% of Full)
"Things are in the saddle, and they ride mankind." Ralph Waldo Emerson
Personal site www.hhs48.com, Download site www.mhcable.com/~chuckh




More information about the Speakup mailing list