?
Solved

Use htaccess to block specific router names rather than IP Blocks

Posted on 2013-06-22
3
Medium Priority
?
526 Views
Last Modified: 2013-06-23
My website has been under attack for a couple of weeks now. I have a dedicated server. I started by blocking their IP addresses, but they just keep changing them over and over and over. Basically I want to block the router most of the IP's resolve too:

adsl-XX-XX-XX-X.dsl.lsan03.sbcglobal.net

How do I block all ip's coming from dsl.lsan03.sbcglobal.net? What would the proper syntax be in the htaccess, or how could I add this to csf.deny?

Any help would be greatly appreciated.

-S
0
Comment
Question by:summerset
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 79

Expert Comment

by:arnold
ID: 39268577
There is no syntax that you can  use to block traffic through which a packet might travel.

Your best might be to use iptables/snort to setup an IDS/IPS that will reject the requests.

There  are apache based tools as well to shield the server to some extent.
0
 

Author Comment

by:summerset
ID: 39269712
Thanks...Could you elaborate on the tools
0
 
LVL 79

Accepted Solution

by:
arnold earned 1500 total points
ID: 39269920
iptables/snort can be setup as IDS/IPS system. where they will shield apache from different types of connection.

Apache also has retelimit, etc. but every measure you make has an impact since they are resource consumers on the server.
One optoin is to block the IP segments on the firewall.
Intenet Firewall IDS/IPS server_lan

The issue is that implementing different things is not cheap and the decision is up to you to see whether it is worth while.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question