Restricting access

Important for restricting access:

https://httpd.apache.org/docs/2.4/howto/access.html

Added conf file to the extra folder: block-offending-ips.conf

Here: 

/usr/local/etc/httpd/extra

Code to add to file:

<LocationMatch "/.*">
<RequireAll>
Require all granted
Require not ip 39.94.137.167
#Repeat the "Require not ip ..." for each IP you want to block
</RequireAll>
</LocationMatch>

The linked to httpd.conf with:

Include /usr/local/etc/httpd/extra/block-offending-ips.conf

Other methods are available for limiting access including hosts and domains. But, I was seeing some hacking attempts and want a method to block IP addresses that are appearing in the tail commands:

tail -n 200 -f /usr/local/var/log/httpd/access_log
tail -n 200 -f /usr/local/var/log/httpd/error_log

I feel like I can control things more effectively now. Wish there were a simple tool to add IP addresses rather than editing this file. Would make life easier.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.