Issue

Our site is experiencing a denial of service attack, spam, or getting hacked. How to block IP addresses at the Apache HTTP Server (AEM Dispatcher) level?

Solution

Most Web Application Firewalls (WAF), such as mod security, can block lists of IP addresses. However, if you are running Apache HTTP Server and would like to block IP's immediately follow these steps: 

  1. Create a file named block-offending-ips.conf on your server.

  2. Open the file in an editor and add a Location directive that blocks all offending IP's from accessing whatever URLs you want to block.

    <LocationMatch "/.*">
    Order Allow,Deny
    Allow from all
    SetEnvif X-Forwarded-For "10\.42\.137\.123" DenyAccess
    SetEnvif X-Forwarded-For "122\.6\.218\.101" DenyAccess
    #repeat the SetEnvlf X-Forwarded-For ... for each IP you want to block 
    Deny from env=DenyAccess
    </LocationMatch> 
  3. Drop the file block-offending-ips.conf in /etc/conf.d folder of the Apache Web server.

  4. Restart the Apache HTTP Server. 

Esta obra está licenciada sob uma licença não adaptada da Creative Commons Attribution-Noncommercial-Share Alike 3.0  As publicações do Twitter™ e do Facebook não são cobertas pelos termos do Creative Commons.

Avisos legais   |   Política de privacidade online