Re: [PLUG] iptables: dropping bogus application-level content

Mike James on 17 Jul 2013 07:46:27 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] iptables: dropping bogus application-level content

From: Mike James <mpjames53@gmail.com>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] iptables: dropping bogus application-level content
Date: Wed, 17 Jul 2013 10:46:19 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=kAzaJRc2K8qtKRTpFRol3YrRzMkbEuK9P7h+tS/bLRI=; b=RjuC3rX/1PvavnOaumgiXLTeDc1N+2UGc2CNWhrS9pf95xNfWM+10uJhwuWK+pHdC1 ABjVJRq0vnEUQHfyC7TjmiNdQaWHFJwE/qFZgfW+5L3ZqC0FbI/K92FBL1/IO0I9M1nw +1yy7+s7jPe00U0erM8nPpWhWVnTT8Wbo5dNQH29Q80JFyo3Z0Cj+QcDKAVe8l8QPJhh 6w7XkB1s37yP9usrqLyz8sxX2EaOXtvheP1M1WFvuWKcZru8AYPtXQOPPObLKULjBdj1 fip0vEVZIgKP0NgIvNy6fujXv7GzVEpOBLK/uOgTQzqe86kjzJJfqRvCGnAWO5hdoqgc KBuA==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: plug-bounces@lists.phillylinux.org

robots.txt? at least for those agents that respect it.

On Wed, Jul 17, 2013 at 10:31 AM, Douglas Muth <doug.muth@gmail.com> wrote:
> On Wed, Jul 17, 2013 at 10:16 AM, Ron Mansolino <rmsolino@gmail.com> wrote:
>>
>> I'm trying to figure out a way to avoid having Apache process/log bogus
>> requests.
>> (my "dev" server collects a lot of bullshit from around the globe that I
>> have no need to service,
>> and I'm not worried about a performance hit). For example this doesn't
>> work:
>>
>> -A INPUT -p tcp -m tcp --dport 80 -m string --string "ZmEu" --algo bm --to
>> 999 -j DROP
>>
>> What is a more proper way to drop bogus agents, requests, etc?
>> I don't want to do this with mod_rewrite.
>
>
> I don't know off the top of my head, but it being a dev server implies that
> very few people are accessing it.  Why not white list IPs on port 80?  That
> would be a pretty effective way to cut back on your traffic.
>
> -- Doug
>
> --
> http://www.dmuth.org/
> http://twitter.com/dmuth
>
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
>
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] iptables: dropping bogus application-level content
  - From: Sam Gleske <sam.mxracer@gmail.com>

References:
- [PLUG] iptables: dropping bogus application-level content
  - From: Ron Mansolino <rmsolino@gmail.com>
- Re: [PLUG] iptables: dropping bogus application-level content
  - From: Douglas Muth <doug.muth@gmail.com>

Prev by Date: Re: [PLUG] iptables: dropping bogus application-level content
Next by Date: Re: [PLUG] iptables: dropping bogus application-level content
Previous by thread: Re: [PLUG] iptables: dropping bogus application-level content
Next by thread: Re: [PLUG] iptables: dropping bogus application-level content
Index(es):
- Date
- Thread