On Friday 01 November 2019 18:06:26 to...@tuxteam.de wrote: > On Fri, Nov 01, 2019 at 04:35:24PM -0400, Gene Heskett wrote: > > On Friday 01 November 2019 14:44:07 Gene Heskett wrote: > > > On Friday 01 November 2019 13:43:04 to...@tuxteam.de wrote: > > > > On Fri, Nov 01, 2019 at 01:12:46PM -0400, Gene Heskett wrote: > > > > > On Friday 01 November 2019 12:42:21 to...@tuxteam.de wrote: > > > > > > > > [...] > > > > > > > > > > https://en.wikipedia.org/wiki/Robots.txt > > > > > > > > > > Did that, blanket Disallow for all didn't stop them. But they > > > > > are spacing out the requests now, so the average traffic is > > > > > very low. I can tolerate that. > > > > > > > > You can block by user agent, that's more drastic. > > > > > > > > If I've been paying attention, you are on apache. Then this > > > > might be relevant: > > > > > > > > > > > > https://httpd.apache.org/docs/2.4/rewrite/access.html#blocking-o > > > >f-ro bo ts > > > > > > Unfortunately its starts with a very fuzzy explanation of where > > > to put all those examples. I suspect thats because I probably > > > don't have near all of apache2 installed. > > Those are directives for the apache configuration, somewhere under > /etc/apache2, I guess (it's a while since I did Apache -- these days I > prefer something smaller, like lighttpd). > > > Nother question, perhaps back on thread. I have 30 or so copies of a > > rotots.txt that should block the bots, but in half an hour after > > I've done an apache2 restart, they are back again. > > > > Does apache2 pay any attention to hosts.deny, and does hosts.deny > > honor CIDR addresses which would allow me to block the whole /24 > > they are coming from. What they are doing is, since they're using > > all my upload bandwidth, qualifies as a DDOS. > > That will depend on whether apache is compiled with tcpwrappers > (that's the library implementing the hosts.{allow,deny} policies). I > don't know whether Debian's distribution does that (perhaps others > will). > > > And at this point I don't care if I play dirty with stuff outside of > > apache2's control. > > > > Ack the man page CIDR working is yes. But there is no clue what log > > file to look at to see if its working to control what apache2 does. > > That would be most helpfull. > > > > And a new one just showed up, a Mac known as > > bytespi...@bytedance.com, and he/she got put in hosts.deny. tsk tsk. > > IMO Apache config is the cleaner option here, but hey, it's your box > :) That was my thinking also > > For apache, you'll find the log files in /var/log/apache2, I think. > For tcpwrappers... dunno. > I'll make sure its installed. Right now. But that is a problem: root@coyote:etc$ apt install tcpwrappers Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package tcpwrappers
Humm, further exercise with a dital potatoe fork discloses that "tcpd" is the old tcpwappers, and its installed and running. It uses /etc/hosts.allow and /etc/hosts.deny so I'd expect them to work. which they seem to be. Your trivia factoid for today I guess. Thanks Tomas. > Cheers > -- t Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis Genes Web page <http://geneslinuxbox.net:6309/gene>
