Hi all,
Recently, I've had over 200'000 hits a day .. all from people trying to
crack
the password proteced areas on my site.
I reacted by simply adding the following to my <Directory> statement:
Deny from 195 ; <- fuck 'em all!
This is a very effective way of denying _ANYONE_ from the 195 net (a VERY insecure net!!) from accessing the web server. This requires my user intervention to implement.
I was wondering if there is a program out there that can monitor the error_log
file and if a user enters the wrong login/password combo more than 4 times, it
auto-denys the user until either the end of the day, or for the next hour.
Can anybody help me out here? Or do I have to pick up my old C books and start
coding?
-Jms
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 42:27:59 |
Calls: | 6,648 |
Files: | 12,193 |
Messages: | 5,329,573 |