Few days back i was fighting with a issue.. some one leached our website and showing my website contents on his domain.
Now my seniors start worrying about their product, and it was obvious.
I started digging out some methods.. and started playing with some settings.. like
some apache directives..
Now my seniors start worrying about their product, and it was obvious.
I started digging out some methods.. and started playing with some settings.. like
some apache directives..
Order Deny,Allow
Deny from
Didn't worked...
My websites are Akamaied, so the real IPs i did not able to get...So at end i decided to get Real IPs (Actual IPs - True Client IP)So at first i tried, i should get the actual IP who was hitting by enabling access log .
Here is some settings to get the log in Virtual Host.
LogFormat "%{True-Client-IP}i \"%r\" \"%{Referer}i\"" combined
CustomLog "|/usr/local/sbin/cronolog /usr/local/apache2/logs/domain.com-access-%d.log" combined
# tail -f /usr/local/apache2/logs/domain.com-access-20.log | grep
After getting the IP in access log for culprit domain, added that IP in a file, called in my case host.deny under
/usr/local/apache2/conf/
and in vhost conf, some more entries i made
RewriteEngine On
RewriteMap hosts-deny txt:/usr/local/apache2/conf/host.deny
RewriteCond ${hosts-deny:%{HTTP:True-Client-IP}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^/.* - [R=401,L]
So final configuration is here:
ServerAdmin manish.singh@domain.com
DocumentRoot /var/www/web/html/
ServerName domain.com
RewriteEngine On
LogFormat "%{True-Client-IP}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%V\" \"%{User-Agent}i\"" combined
CustomLog "|/usr/local/sbin/cronolog /usr/local/apache2/logs/domain.com-access-%d.log" combined
RewriteMap hosts-deny txt:/usr/local/apache2/conf/host.deny
RewriteCond ${hosts-deny:%{HTTP:True-Client-IP}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^/.* - [F,L]
So what these blue lines doing here?
RewriteMap hosts-deny txt:/usr/local/apache2/conf/host.deny (RewriteMap Tells Apache to read a source file of type Text File)
RewriteCond ${hosts-deny:%{HTTP:True-Client-IP}|NOT-FOUND} !=NOT-FOUND (RewriteCond tells Apache, this is the condition, read parameter from hosts-deny and meet the condition)
Third line tell Apache, if the above condition meets, the Access Denied the request.
Now your time to test the above at your end.
Deny from
Didn't worked...
My websites are Akamaied, so the real IPs i did not able to get...So at end i decided to get Real IPs (Actual IPs - True Client IP)So at first i tried, i should get the actual IP who was hitting by enabling access log .
Here is some settings to get the log in Virtual Host.
LogFormat "%{True-Client-IP}i \"%r\" \"%{Referer}i\"" combined
CustomLog "|/usr/local/sbin/cronolog /usr/local/apache2/logs/domain.com-access-%d.log" combined
# tail -f /usr/local/apache2/logs/domain.com-access-20.log | grep
After getting the IP in access log for culprit domain, added that IP in a file, called in my case host.deny under
/usr/local/apache2/conf/
and in vhost conf, some more entries i made
RewriteEngine On
RewriteMap hosts-deny txt:/usr/local/apache2/conf/host.deny
RewriteCond ${hosts-deny:%{HTTP:True-Client-IP}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^/.* - [R=401,L]
So final configuration is here:
ServerAdmin manish.singh@domain.com
DocumentRoot /var/www/web/html/
ServerName domain.com
RewriteEngine On
LogFormat "%{True-Client-IP}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%V\" \"%{User-Agent}i\"" combined
CustomLog "|/usr/local/sbin/cronolog /usr/local/apache2/logs/domain.com-access-%d.log" combined
RewriteMap hosts-deny txt:/usr/local/apache2/conf/host.deny
RewriteCond ${hosts-deny:%{HTTP:True-Client-IP}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^/.* - [F,L]
So what these blue lines doing here?
RewriteMap hosts-deny txt:/usr/local/apache2/conf/host.deny (RewriteMap Tells Apache to read a source file of type Text File)
RewriteCond ${hosts-deny:%{HTTP:True-Client-IP}|NOT-FOUND} !=NOT-FOUND (RewriteCond tells Apache, this is the condition, read parameter from hosts-deny and meet the condition)
Third line tell Apache, if the above condition meets, the Access Denied the request.
Now your time to test the above at your end.
No comments:
Post a Comment