Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Version information can be useful in attack planning as there are often bugs and exploits that are particular to a version (later versions having been patched for example).

Blocking ip addresses


I would recommend implementing Implementing fail2ban with custom apache filter, ipset, and a sample based verification approach instead of (or in conjunction with) the below approach.  Fail2ban will automate (based on regex expressions on queries received) the blocking of IPs.  Also our fail2ban implementation uses ipset so are blocked at the firewall level rather than being processed and blocked by Apache.

Apache allows several approaches to blocking ip addresses.  You meant have several ip addresses you would like to block, or several hundred.  The approach outlined here is focused more on the latter.