Solved

Use htaccess to block specific router names rather than IP Blocks

Posted on 2013-06-22
3
515 Views
Last Modified: 2013-06-23
My website has been under attack for a couple of weeks now. I have a dedicated server. I started by blocking their IP addresses, but they just keep changing them over and over and over. Basically I want to block the router most of the IP's resolve too:

adsl-XX-XX-XX-X.dsl.lsan03.sbcglobal.net

How do I block all ip's coming from dsl.lsan03.sbcglobal.net? What would the proper syntax be in the htaccess, or how could I add this to csf.deny?

Any help would be greatly appreciated.

-S
0
Comment
Question by:summerset
  • 2
3 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 39268577
There is no syntax that you can  use to block traffic through which a packet might travel.

Your best might be to use iptables/snort to setup an IDS/IPS that will reject the requests.

There  are apache based tools as well to shield the server to some extent.
0
 

Author Comment

by:summerset
ID: 39269712
Thanks...Could you elaborate on the tools
0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 39269920
iptables/snort can be setup as IDS/IPS system. where they will shield apache from different types of connection.

Apache also has retelimit, etc. but every measure you make has an impact since they are resource consumers on the server.
One optoin is to block the IP segments on the firewall.
Intenet Firewall IDS/IPS server_lan

The issue is that implementing different things is not cheap and the decision is up to you to see whether it is worth while.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Change local server setting in php 6 96
People Counting Software 2 217
ignore other .htaccess 2 59
Rewrite Rule head scratcher 18 11
As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question