A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Security and Administration with Windows XP
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Deny Specific Incomming IP to Webserver



 
 
Thread Tools Display Modes
  #1  
Old December 7th 05, 01:41 AM posted to microsoft.public.windowsxp.security_admin
external usenet poster
 
Posts: n/a
Default Deny Specific Incomming IP to Webserver

I would like to be able to deny specific IPs from ever hitting my Apache web
server. I can Deny them via the httpd.conf file, but that only stops them
from getting my pages, they still know the server exists.

I tried via the IP Security Policies in MMC but my test computer still
showed up in the Apache log. Since I have port 80 forwarded through my SOHO
router to my WebServer, is it possible to actually deny a specifi IP from
seeing open port?

Any suggestions of a non overly intrusive software firewall, or a built in
ACL, or filter would be greatly appriciated.


Ads
  #2  
Old December 7th 05, 02:14 AM posted to microsoft.public.windowsxp.security_admin
external usenet poster
 
Posts: n/a
Default Deny Specific Incomming IP to Webserver

Ipsec should work if configured correctly and will block the IP at the
network layer before the application ever sees it. The link below may help
with ipsec filtering policy configuration. Your SOHO router may or may not
be able to do what you want depending on it's capabilities. "Real" firewalls
would allow you to add a firewall rule that blocks access from a specific IP
and the ordering of firewall rules is important to make sure the more
specific rules are processed before the general rules. Ipsec rules are not
dependant on the order they are listed but instead are assigned a weight
with more specific rules taking precedence over general rules. Let me know
if you still have problems with ipsec. --- Steve

http://www.securityfocus.com/infocus/1559

"Yogi_Bear_79" wrote in message
...
I would like to be able to deny specific IPs from ever hitting my Apache
web server. I can Deny them via the httpd.conf file, but that only stops
them from getting my pages, they still know the server exists.

I tried via the IP Security Policies in MMC but my test computer still
showed up in the Apache log. Since I have port 80 forwarded through my
SOHO router to my WebServer, is it possible to actually deny a specifi IP
from seeing open port?

Any suggestions of a non overly intrusive software firewall, or a built in
ACL, or filter would be greatly appriciated.



  #3  
Old December 7th 05, 02:52 AM posted to microsoft.public.windowsxp.security_admin
external usenet poster
 
Posts: n/a
Default Deny Specific Incomming IP to Webserver

Steve,

While I am reading the page you sent me, I wanted to let you know that
my SOHO is a Linksys BEFCMU10. It appears the the FIREWALL portion is only
for outbound..Seems odd that it wouldn't filter inbound



"Steven L Umbach" wrote in message
. ..
Ipsec should work if configured correctly and will block the IP at the
network layer before the application ever sees it. The link below may help
with ipsec filtering policy configuration. Your SOHO router may or may not
be able to do what you want depending on it's capabilities. "Real"
firewalls would allow you to add a firewall rule that blocks access from a
specific IP and the ordering of firewall rules is important to make sure
the more specific rules are processed before the general rules. Ipsec
rules are not dependant on the order they are listed but instead are
assigned a weight with more specific rules taking precedence over general
rules. Let me know if you still have problems with ipsec. --- Steve

http://www.securityfocus.com/infocus/1559

"Yogi_Bear_79" wrote in message
...
I would like to be able to deny specific IPs from ever hitting my Apache
web server. I can Deny them via the httpd.conf file, but that only stops
them from getting my pages, they still know the server exists.

I tried via the IP Security Policies in MMC but my test computer still
showed up in the Apache log. Since I have port 80 forwarded through my
SOHO router to my WebServer, is it possible to actually deny a specifi IP
from seeing open port?

Any suggestions of a non overly intrusive software firewall, or a built
in ACL, or filter would be greatly appriciated.





  #4  
Old December 10th 05, 03:26 AM posted to microsoft.public.windowsxp.security_admin
external usenet poster
 
Posts: n/a
Default Deny Specific Incomming IP to Webserver


"Yogi_Bear_79" wrote in message
...
I would like to be able to deny specific IPs from ever hitting my

Apache web
server. I can Deny them via the httpd.conf file, but that only stops

them
from getting my pages, they still know the server exists.

I tried via the IP Security Policies in MMC but my test computer still
showed up in the Apache log. Since I have port 80 forwarded through

my SOHO
router to my WebServer, is it possible to actually deny a specifi IP

from
seeing open port?

Any suggestions of a non overly intrusive software firewall, or a

built in
ACL, or filter would be greatly appriciated.


Trying to keep your ISP from discovering you have a web server ?

I know Comcast in the past has often probed looking for that sort
of stuff.

 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot connect to specific website agentzac Windows XP Help and Support 1 May 24th 07 12:40 AM
Using Acronis True Image 8 to clone to a specific partition Anna General XP issues or comments 3 February 17th 05 04:37 AM
"Deny all Add-Ons Unless Specifically Allowed" JavaScript Problem kevn Security and Administration with Windows XP 0 October 19th 04 10:11 PM
Intellitype Program Specific Button Assignment Malcolm Dowers Hardware and Windows XP 2 August 25th 04 07:06 PM
Can I search for specific FOLDER name? George Windows XP Help and Support 14 July 29th 04 10:13 PM






All times are GMT +1. The time now is 10:19 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.