stopping "connect" attacks in apache
Bob
bob at a1poweruser.com
Sat Jun 16 02:49:04 UTC 2007
Every time my apache server slows down or has denial of service the access
log is full this
61.228.122.220 - "CONNECT 66.196.97.250:25 HTTP/1.0" 200 7034 "-" "-"
61.228.122.220 - "CONNECT 216.39.53.3:25 HTTP/1.0" 200 7034 "-" "-"
61.228.122.220 - "CONNECT 216.39.53.1:25 HTTP/1.0" 200 7034 "-" "-"
61.228.122.220 - "CONNECT 168.95.5.155:25 HTTP/1.0" 200 7034 "-" "-"
61.228.122.220 - "CONNECT 168.95.5.157:25 HTTP/1.0" 200 7034 "-" "-"
61.228.122.220 - "CONNECT 168.95.5.159:25 HTTP/1.0" 200 7034 "-" "-"
I think I can stop this by adding this to my httpd-config
SetEnvIf THE_REQUEST CONNECT* drop
<Directory "/usr/local/www/data">
order allow,deny
allow from all
deny from env=drop
</Directory>
Am I on the correct solutions here?
More information about the freebsd-questions
mailing list