Solved

Use htaccess to block specific router names rather than IP Blocks

Posted on 2013-06-22
3
517 Views
Last Modified: 2013-06-23
My website has been under attack for a couple of weeks now. I have a dedicated server. I started by blocking their IP addresses, but they just keep changing them over and over and over. Basically I want to block the router most of the IP's resolve too:

adsl-XX-XX-XX-X.dsl.lsan03.sbcglobal.net

How do I block all ip's coming from dsl.lsan03.sbcglobal.net? What would the proper syntax be in the htaccess, or how could I add this to csf.deny?

Any help would be greatly appreciated.

-S
0
Comment
Question by:summerset
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 39268577
There is no syntax that you can  use to block traffic through which a packet might travel.

Your best might be to use iptables/snort to setup an IDS/IPS that will reject the requests.

There  are apache based tools as well to shield the server to some extent.
0
 

Author Comment

by:summerset
ID: 39269712
Thanks...Could you elaborate on the tools
0
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 39269920
iptables/snort can be setup as IDS/IPS system. where they will shield apache from different types of connection.

Apache also has retelimit, etc. but every measure you make has an impact since they are resource consumers on the server.
One optoin is to block the IP segments on the firewall.
Intenet Firewall IDS/IPS server_lan

The issue is that implementing different things is not cheap and the decision is up to you to see whether it is worth while.
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question