On Sat, 20 Aug 2011, Barry Brimer wrote:
To: CentOS mailing list centos@centos.org From: Barry Brimer lists@brimer.org Subject: Re: [CentOS] Apache Changing IPtables C 5.6 via Apache
When a web site is attacked, so far by unsuccessful hackers, my error routine adds the attackers IP address, prefixed by 'deny', to that web site's .htaccess file. It works and the attacker, on second and subsequent attacks, gets a 403 error response.
Have you looked at mod_evasive? http://www.zdziarski.com/blog/?page_id=442
There is also another application that reads the Apache log file, and then IIRC writes IPTables rules to deal with these sort of attacks. It was written for a university thesis several years ago, but I just do not remember the name of that particular guy or the project.
Kind Regards,
Keith Roberts
----------------------------------------------------------------- Websites: http://www.karsites.net http://www.php-debuggers.net http://www.raised-from-the-dead.org.uk
All email addresses are challenge-response protected with TMDA [http://tmda.net] -----------------------------------------------------------------