Urgent!! How to block certain IP from access my files? [Archive]

View Full Version : Urgent!! How to block certain IP from access my files?

wht

10-22-2001, 03:07 PM

One of my visitors make a lot of simultaneous downloads and it screw up my server. My server has been down many times because of that. When I login to the server and type
netstat -n -o, I see that there are several hundred connections from that IP. Is there a way to block that IP from downloading my files?

Right now, I have to shutdown my web server, but it looks like the web server restarts itself after a while. What should I do in order to prevent it from restarting itself??? Please help, that guy is doing that to my server again now. My server crashes every 20 minutes.

BTW, I would like to know how to limit the number of connections per IP too. Please guide me.

Thanks.

MattF

10-22-2001, 03:29 PM

I suggesting adding the IP to /etc/host.deny and reboot the system. I haven't tested this method myself so be careful.

From telnet type
'pico /etc/hosts.deny' and then add the IP and save (note: if you're new to pico the command are at the bottom CTRL+(whatever letter) to issue commands).

Then reboot via
shutdown -r now

MattF

10-22-2001, 03:32 PM

You might also consider adding the following to your .htaccess file in your web directory, this method has not been tested by myself and may not be correct. (If no .htaccess file exists create a blank text file and add the following then save as .htaccess)

<Limit GET>
order deny,allow
deny from IPADDRESS
allow from all
</Limit>

replace IPADDRESS with offending IP.

wht

10-22-2001, 04:21 PM

Originally posted by MattF
From telnet type
'pico /etc/hosts.deny' and then add the IP and save (note: if you're new to pico the command are at the bottom CTRL+(whatever letter) to issue commands).

Then reboot via
shutdown -r now [/B]

Thanks matt! I am trying that now. BTW, can I use '*' in the IP like IPs from a specify domain?

For example,

use 202.45.*.* to block all the IPs starting from 202.45?

huck

10-22-2001, 04:37 PM

hosts.deny will not work if they are downloading via the web server.

hosts.deny only works for those services that use tcp wrappers. generally those started by the inetd super-daemon and listed in the conf.

if they are downloading via httpd, then use the htaccess method mentioned.

for a more rigorous approach us a firewall to block all access to the user's ip range.

searley

10-25-2001, 05:08 PM

Take a look at IP chains in the kernel. Alternatively try

/sbin/route add -host 212.38.248.33 gw 127.0.0.1

which should block it

:D