Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: server attacks |
|
| Author |
|
holziusa
Joined: 02 Jan 2008
Posts: 48
|
 Posted: Thu 05 Apr '12 21:07 Post subject: server attacks |
 |
|
recently i experience a lot of invalid logins
i use task scheduler to report these via email
so i dont have to review logs manually ie mssql, ftp.mysql logins
i like to block the ip of such attacks in real time
maybe also something that can parse the apache logs
and provide an auto action to block the ip
thanks in advance
btw using these guys
"www.countryipblocks.net" |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Tue 15 May '12 12:21 Post subject: |
|
|
| You could create a custom log format with only the IP and as ENV condition you log only 403 errors or what ever you want to have. I formyself have figured out that it is bad to block IP with apache, better use the OS firewall. If I remember correctly there is a command line access to the windows firewall to block IPs. Can't remember how. On linux there is fail2ban which works wonders. |
|
| Back to top |
|
|
|
|
|
|
