[CentOS] Apache attacks - you can't stop them, or can you?
Johnny Hughes
johnny at centos.org
Wed Mar 6 16:58:32 UTC 2013
On 03/06/2013 07:17 AM, Robert Moskowitz wrote:
> So I have this nice, simple web server up running. Its purpose is to
> allow me external testing with HIP, and to provide some files for
> external distribution. Of course, there it is sitting on port 80 and
> the attacks are coming in per logwatch report. Examples from the report
> include:
>
> Requests with error response codes
> 404 Not Found
> //phpMyAdmin-2.5.1/scripts/setup.php: 1 Time(s)
> //phpMyAdmin-2.5.4/scripts/setup.php: 1 Time(s)
> //phpMyAdmin-2.5.5-pl1/scripts/setup.php: 1 Time(s)
> //phpMyAdmin-2.5.5-rc1/scripts/setup.php: 1 Time(s)
> //phpMyAdmin-2.5.5-rc2/scripts/setup.php: 1 Time(s)
> /muieblackcat: 1 Time(s)
> /myadmin/scripts/setup.php: 2 Time(s)
> /mysql-admin/scripts/setup.php: 1 Time(s)
> /mysql/scripts/setup.php: 1 Time(s)
> /mysqladmin/scripts/setup.php: 2 Time(s)
> /mysqlmanager/scripts/setup.php: 1 Time(s)
>
> Now these are only a few, though I am probably not being hit as hard as
> others out there.
>
> My question is:
>
> Is there a way to shut this nonsense down? Or because I am sending the
> 404, I am doing all that is reasonable to do?
>
> I am wondering that if this list starts getting long, that is a lot of
> logging and I probably don't need to log 404s?
There is also mod_security ...
http://people.centos.org/hughesjr/mod_security/
You can read about what it is here:
http://www.modsecurity.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20130306/850c14a0/attachment.sig>
More information about the CentOS
mailing list