If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Deny Specific Incomming IP to Webserver
I would like to be able to deny specific IPs from ever hitting my Apache web
server. I can Deny them via the httpd.conf file, but that only stops them from getting my pages, they still know the server exists. I tried via the IP Security Policies in MMC but my test computer still showed up in the Apache log. Since I have port 80 forwarded through my SOHO router to my WebServer, is it possible to actually deny a specifi IP from seeing open port? Any suggestions of a non overly intrusive software firewall, or a built in ACL, or filter would be greatly appriciated. |
Ads |
#2
|
|||
|
|||
Deny Specific Incomming IP to Webserver
Ipsec should work if configured correctly and will block the IP at the
network layer before the application ever sees it. The link below may help with ipsec filtering policy configuration. Your SOHO router may or may not be able to do what you want depending on it's capabilities. "Real" firewalls would allow you to add a firewall rule that blocks access from a specific IP and the ordering of firewall rules is important to make sure the more specific rules are processed before the general rules. Ipsec rules are not dependant on the order they are listed but instead are assigned a weight with more specific rules taking precedence over general rules. Let me know if you still have problems with ipsec. --- Steve http://www.securityfocus.com/infocus/1559 "Yogi_Bear_79" wrote in message ... I would like to be able to deny specific IPs from ever hitting my Apache web server. I can Deny them via the httpd.conf file, but that only stops them from getting my pages, they still know the server exists. I tried via the IP Security Policies in MMC but my test computer still showed up in the Apache log. Since I have port 80 forwarded through my SOHO router to my WebServer, is it possible to actually deny a specifi IP from seeing open port? Any suggestions of a non overly intrusive software firewall, or a built in ACL, or filter would be greatly appriciated. |
#3
|
|||
|
|||
Deny Specific Incomming IP to Webserver
Steve,
While I am reading the page you sent me, I wanted to let you know that my SOHO is a Linksys BEFCMU10. It appears the the FIREWALL portion is only for outbound..Seems odd that it wouldn't filter inbound "Steven L Umbach" wrote in message . .. Ipsec should work if configured correctly and will block the IP at the network layer before the application ever sees it. The link below may help with ipsec filtering policy configuration. Your SOHO router may or may not be able to do what you want depending on it's capabilities. "Real" firewalls would allow you to add a firewall rule that blocks access from a specific IP and the ordering of firewall rules is important to make sure the more specific rules are processed before the general rules. Ipsec rules are not dependant on the order they are listed but instead are assigned a weight with more specific rules taking precedence over general rules. Let me know if you still have problems with ipsec. --- Steve http://www.securityfocus.com/infocus/1559 "Yogi_Bear_79" wrote in message ... I would like to be able to deny specific IPs from ever hitting my Apache web server. I can Deny them via the httpd.conf file, but that only stops them from getting my pages, they still know the server exists. I tried via the IP Security Policies in MMC but my test computer still showed up in the Apache log. Since I have port 80 forwarded through my SOHO router to my WebServer, is it possible to actually deny a specifi IP from seeing open port? Any suggestions of a non overly intrusive software firewall, or a built in ACL, or filter would be greatly appriciated. |
#4
|
|||
|
|||
Deny Specific Incomming IP to Webserver
"Yogi_Bear_79" wrote in message ... I would like to be able to deny specific IPs from ever hitting my Apache web server. I can Deny them via the httpd.conf file, but that only stops them from getting my pages, they still know the server exists. I tried via the IP Security Policies in MMC but my test computer still showed up in the Apache log. Since I have port 80 forwarded through my SOHO router to my WebServer, is it possible to actually deny a specifi IP from seeing open port? Any suggestions of a non overly intrusive software firewall, or a built in ACL, or filter would be greatly appriciated. Trying to keep your ISP from discovering you have a web server ? I know Comcast in the past has often probed looking for that sort of stuff. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Cannot connect to specific website | agentzac | Windows XP Help and Support | 1 | May 24th 07 12:40 AM |
Using Acronis True Image 8 to clone to a specific partition | Anna | General XP issues or comments | 3 | February 17th 05 03:37 AM |
"Deny all Add-Ons Unless Specifically Allowed" JavaScript Problem | kevn | Security and Administration with Windows XP | 0 | October 19th 04 10:11 PM |
Intellitype Program Specific Button Assignment | Malcolm Dowers | Hardware and Windows XP | 2 | August 25th 04 07:06 PM |
Can I search for specific FOLDER name? | George | Windows XP Help and Support | 14 | July 29th 04 10:13 PM |