Date: Fri, 15 Jun 2007 22:49:01 -0400 From: "Bob" <bob@a1poweruser.com> To: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@FreeBSD.ORG> Subject: stopping "connect" attacks in apache Message-ID: <NBECLJEKGLBKHHFFANMBEEKJCDAA.bob@a1poweruser.com>
next in thread | raw e-mail | index | archive | help
Every time my apache server slows down or has denial of service the access log is full this 61.228.122.220 - "CONNECT 66.196.97.250:25 HTTP/1.0" 200 7034 "-" "-" 61.228.122.220 - "CONNECT 216.39.53.3:25 HTTP/1.0" 200 7034 "-" "-" 61.228.122.220 - "CONNECT 216.39.53.1:25 HTTP/1.0" 200 7034 "-" "-" 61.228.122.220 - "CONNECT 168.95.5.155:25 HTTP/1.0" 200 7034 "-" "-" 61.228.122.220 - "CONNECT 168.95.5.157:25 HTTP/1.0" 200 7034 "-" "-" 61.228.122.220 - "CONNECT 168.95.5.159:25 HTTP/1.0" 200 7034 "-" "-" I think I can stop this by adding this to my httpd-config SetEnvIf THE_REQUEST CONNECT* drop <Directory "/usr/local/www/data"> order allow,deny allow from all deny from env=drop </Directory> Am I on the correct solutions here?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NBECLJEKGLBKHHFFANMBEEKJCDAA.bob>