Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Use htaccess to block specific router names rather than IP Blocks

Posted on 2013-06-22
3
Medium Priority
?
530 Views
Last Modified: 2013-06-23
My website has been under attack for a couple of weeks now. I have a dedicated server. I started by blocking their IP addresses, but they just keep changing them over and over and over. Basically I want to block the router most of the IP's resolve too:

adsl-XX-XX-XX-X.dsl.lsan03.sbcglobal.net

How do I block all ip's coming from dsl.lsan03.sbcglobal.net? What would the proper syntax be in the htaccess, or how could I add this to csf.deny?

Any help would be greatly appreciated.

-S
0
Comment
Question by:summerset
  • 2
3 Comments
 
LVL 80

Expert Comment

by:arnold
ID: 39268577
There is no syntax that you can  use to block traffic through which a packet might travel.

Your best might be to use iptables/snort to setup an IDS/IPS that will reject the requests.

There  are apache based tools as well to shield the server to some extent.
0
 

Author Comment

by:summerset
ID: 39269712
Thanks...Could you elaborate on the tools
0
 
LVL 80

Accepted Solution

by:
arnold earned 1500 total points
ID: 39269920
iptables/snort can be setup as IDS/IPS system. where they will shield apache from different types of connection.

Apache also has retelimit, etc. but every measure you make has an impact since they are resource consumers on the server.
One optoin is to block the IP segments on the firewall.
Intenet Firewall IDS/IPS server_lan

The issue is that implementing different things is not cheap and the decision is up to you to see whether it is worth while.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month7 days, 2 hours left to enroll

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question