Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Firewalling & Virtual Hosts
- John Bokma
November 10, 2010, 4:03 pm
rate this thread
While not perfect, something like this:
iptables .... ( see article, link follows ) \
--dport 80 \
-s w.x.y.z \
-m string --to 700 --algo bm --string 'Host: example.com' -j DROP
Can block w.x.y.z from accessing virtual host example.com
See: http://spamcleaner.org/en/misc/w00tw00t.html (search in the page
While there are certainly caveats with this approach it shows that one
can indeed firewall a specific virtual host.
And I am quite sure that this is only easier with firewalls that
understand the htt protocol (deep inspection?).
tag: w00tw00t.at.ISC.SANS.DFind:) (see URL)
John Bokma j3b
Blog: http://johnbokma.com/ Facebook: http://www.facebook.com/j.j.j.bokma
Freelance Perl & Python Development: http://castleamber.com/
Re: Firewalling & Virtual Hosts
Interesting, John. Even as the author admits, it isn't a complete
solution unless you know the scanner being used - but iptables does a
lot more than I thought it could do :)
Remove the "x" from my email address
JDS Computer Training Corp.
- » Google didn't like ReadNewz.com parsing their Newsgroup subjects!
- — Previous thread in » Webmaster Forum