 |
Apache2Triad Help, Support and Development
The apache2triad help , support and development forums
|
| View previous topic :: View next topic |
| Author |
Message |
Amrit
Joined: 18 May 2006
Posts: 16
Location: Holland
|
| Posted: Wed Dec 13, 2006 9:54 pm Post subject: Blocking apache Attacks |
|
|
Hi guys,
My situation, a sever A2t configurated with Joomla and five virtualhost.
It seems like some joomla components can give acces to hackers in combination with Mod_include of Apache by default.
I think it is a leak in Apache / module self.
I've got many of these Errors:
[Mon Sep 18 18:34:54 2006] [warn] [client 72.29.90.67] mod_include: Options +Includes (or IncludesNoExec) wasn't set, INCLUDES filter removed
Afterwards they hacked my site http://www.anadoluhackers.org/
Please mail !
Zouty.tk@gmail.com
Amrit |
|
| Back to top |
|
Joshua Meadows (DemoRic)
Joined: 29 Dec 2004
Posts: 783
Location: S.E. Kansas
|
| Posted: Thu Dec 14, 2006 2:40 am Post subject: |
|
|
mod_securty is a mod you may want to look into. It scans input/output for many known patterns of exploits.
Great rule sets are available at gotroot.com |
|
| Back to top |
|
Amrit
Joined: 18 May 2006
Posts: 16
Location: Holland
|
| Posted: Thu Dec 14, 2006 6:09 pm Post subject: blacklist. |
|
|
:D Thx Joshua :D
I found this module below. Was build with Visual Studio C++ 2005 and latest SDK against the Apache 2.2 headers and will load in 2.2.0 - 2.2.3
mod_security-2.0.4-win32.zip
http://www.apachelounge.com/download/
I've install it and it was easy to install.
----------------------------------------------------------------------------------
I've found somting else : to block ips, but how can i make this autonom ? Incombination with AWSTAT it would be handy to block ips & to make your own blacklist.
This is the code from my .htaccess file :
order allow,deny
deny from 212.83.70.159
deny from 83.138.147.76
deny from 64.191.104.9
deny from 85.92.134.123
deny from 62.193.238.124
allow from all |
|
| Back to top |
|
| |
|