banning all *azenv.php request to my server
There are tons of ways to block referring urls and/or ips, so I'll give you a couple simple ways:
1) You could save an .htaccess file in the top directory of your website with a rewrite such as:
## specific referring url blocking
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} .*/azenv\.php [NC,OR]
RewriteRule .* - [F]
or similar to iptables:
## user ip blocking
<Limit GET POST>
order allow,deny
deny from 96.254.171.2
allow from all
</Limit>
another example:
## banning referring urls with specific words, etc.
# set the skridz_ref variable
SetEnvIfNoCase Referer "^azenv.php" skridz_ref=1
# block all referrals that have skridz_ref set
<FilesMatch "(.*)">
Order Allow,Deny
Allow from all
Deny from env=skridz_ref
</FilesMatch>
2) If you have ssh access on your server you could block the ip in your iptables like so:
# iptables -A INPUT -s 96.254.171.2 -j DROP
# service iptables save
to unblock (and delete) the ip from iptables:
# iptables -D INPUT -s xx.xxx.xx.xx -j DROP
# iptables -D INPUT -s 96.254.171.2 -j DROP
# service iptables save
Related videos on Youtube
Sebas
Cloud Architect and Solution Architect @ different multinationals
Updated on September 18, 2022Comments
-
Sebas over 1 year
I am using apache 2.2 under centos6, and I'm recently having some kind of accesses that are unwanted, and that I wish to ban.
For instance, I have this in my error_log:
[Sun Apr 14 01:06:29 2013] [error] [client 96.254.171.2] File does not exist: /var/www/html/var, referer: http:**server5.cyberpods.net/azenv.php
(i replaced http:// with http:** to prevent people clicking the link, which I'm not sure whether it is safe)
I guess I could just ban anything ending by azenv.php. What should be the approach?