[PLUG] How to Block WEB Access for Certain IPs?

frank hunt linux at frankhunt.com
Mon Sep 15 15:52:19 UTC 2008


Bill Thoen wrote:
> I'm trying to block a couple of overly busy Chinese web spiders from 
> sniffing my site every hour, but not having much luck. I first tried 
> putting this in /etc/hosts.deny:
> 
> ALL: 61.135.168.39,  220.181.32.22
> 
> but that didn't stop them. Then I tried putting this in 
> /etc/http/conf/httpd.conf in the <Directory> tag:
>     Order allow,deny
>     Allow from all
>     Deny from 61.135.168.39  220.181.32.22
> 
> and that didn't work. I restarted httpd each time I made a change. I'm 
> using Fedora Core 9.
> 
> So how do you block a particular IP from accessing your web site? 
> (without disturbing the firewall if possible.)
> 
> - Bill Thoen
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
> 

I use this scheme to log then drop the bad guys:

iptables -A INPUT -s $IP -j LOG --log-prefix "IPTABLES DROPPED"
iptables -A INPUT -s $IP -j DROP


-- 
frank hunt
befuddled linux admin
erstwhile photographer
hillsboro oregon



More information about the PLUG mailing list