Is it possible to block an IP or a block of IPs from accessing the server in Apache / Redhat? I want to block off proxy servers where they steal ad revenue by placing their own ads over my sites. It really makes me mad! >:-(

you ca do this at the firewall. You can also do this in apache with deny from

Is this a cpanel box? If so, you probably have portsentry on it. To block out an ip, just do:

/sbin/route add IPADDRESS

Its all in:
/etc/hosts.allow
/etc/hosts.deny

Googlify for more info :)

Originally posted by a1022
Is it possible to block an IP or a block of IPs from accessing the server in Apache / Redhat? I want to block off proxy servers where they steal ad revenue by placing their own ads over my sites. It really makes me mad! >:-(

I'm not sure that you are talking about gator blocking but I thought you would like to have this :

http://developerdispatch.com/dispatch/devdis010.html
a link to some nifty code for "scumware detection" on your web pages. Which I might ad, that all hosting firms should have because gator and other "scumware" currently have hosting being sold to someone....

got the link yesterday but I don't recal from where right now.

Now if your trying to block "scumware" at the server level (not user level), PLEASE SHARE YOUR INFO.

I was under the impression that the feedback ( the covering of the advertising and placing new links) was at the users browser and the information was never seen on the hosting sites servers.

I have no conclusive data to confirm this ( just netstats and traceroute's from my pc) it's still an observation. I would enjoy finding out your observations

-Michael

Its all in:
/etc/hosts.allow
/etc/hosts.deny

Googlify for more info

Var, will this work with every request to every virtual site?

Is this a cpanel box? If so, you probably have portsentry on it. To block out an ip, just do:
/sbin/route add IPADDRESS


Teck, what exactly does this do? Does it add and IP to be blocked or does it add an IP to be allowed? I'm a bit confused.

Now if your trying to block "scumware" at the server level (not user level), PLEASE SHARE YOUR INFO.

The only way I know that might work is to block out the proxy IPs or block the IPs that the scumware are come from. Other than that, I don't know what else I could do. :( How does the people that made these scumware sleep at night?

Try putting this in your Apache configuration file for EACH virtual host you want to protect.

<Location />
Order Deny,Allow
Deny from 1.1.1.1
Deny from 2.1.1.1/255.255.255.0
Deny from 1.1.1.0/8
Allow from all
</Location />

Obviously you should replace the numbers with the appropriate IP addresses. The top example is blocking a single IP address, the middle example is blocking an entire class C, and the bottom is blocking an entire class A. Only block those IPs you know to be a problem--you don't want to block so many people that you severely limit the viewership of the site.

Good luck!

--Erika Stokes

What is the difference between a class A and a class C? Sorry I'm a newbie. :(

A Class C is 255 IP addresses, a Class A is millions... it would be like blocking an entire country.

--Erika

Thanks fo rall the info Erika. So what should I put if I want to block off all IPs from 111.111.111.xxx? Should I use this?

Deny from 111.111.111.0/8

Sorry about the late response, Yeah it will block access to all virtual sites, even SSH, even FTP.. >everything< :)

Thanks for all the info. :)

to get rid of "scum ware" will require great efforts and sometime's a loss of clients if you are willing to risk it these are the first 2 steps

1) knowing the e-mail signature of all the "scum ware" companies, you can black hole them. ( just like MAPS realtime Blackhole ), so their e-mail can not be routed via your servers.
That will effectively reduce their communication skills with clients, nothing better than a pissed off client

2) ask your clients to place on their servers "scumware detection software" ( the java or active x version ) and warn the end users. More that your clients know that your their to protect their revenue the more they like you.

3) complain / ask the ISP to blackhole their routing at the router.

If you kill enough of their traffic they can't make money.

-Michael