Mailing List Archive

blacklisting
Hi All,

I have been using A2 for a few years now, but I've not really needed to
implement any deny/black-listing because I simply have no meaningful
security/traffic constraints. In moving forward with development on top of
A2 which does have security implications, I'm hoping it might be possible
that folks might be willing to share how they store blocked remote
addresses. For instance, are relational datastores and other such objects
typically required at the enterprise level to store blocked addresses? Or
is a plaintext file suitable from an efficiency standpoint?

Best,
Will F
Re: blacklisting [ In reply to ]
On 6/16/2021 9:05 PM, Will Fatherley wrote:
> Hi All,
>
> I have been using A2 for a few years now, but I've not really needed
> to implement any deny/black-listing because I simply have no
> meaningful security/traffic constraints. In moving forward with
> development on top of A2 which does have security implications, I'm
> hoping it might be possible that folks might be willing to share how
> they store blocked remote addresses. For instance, are relational
> datastores and other such objects typically required at the enterprise
> level to store blocked addresses? Or is a plaintext file suitable from
> an efficiency standpoint?
>
> Best,
> Will F

I find it easiest to implement blocks at the border firewall especially
if I'm implementing a stored list of known attack IP addresses. At the
border firewall I can easily block a set of IP addresses from the WAN to
all my resources... httpd and others.

Within Apache there are a variety of examples of what you can do at:
https://httpd.apache.org/docs/2.4/howto/access.html

I'm sure others can add to this advice from their own experiences.

Jim


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: blacklisting [ In reply to ]
We are using a border firewall too. This firewall includes an option to
auto update "list of bad IP" from a proprietary database.

Also you can use a public bad IP list, for example:
https://feodotracker.abuse.ch/blocklist/ or
https://github.com/mlsecproject/combine/wiki/Threat-Intelligence-Feeds-Gathered-by-Combine,
and create a crontab script to parse this list and update your .htaccess
file

Missatge de Jim Albert <jim@netrition.com> del dia dj., 17 de juny 2021 a
les 3:30:

> On 6/16/2021 9:05 PM, Will Fatherley wrote:
> > Hi All,
> >
> > I have been using A2 for a few years now, but I've not really needed
> > to implement any deny/black-listing because I simply have no
> > meaningful security/traffic constraints. In moving forward with
> > development on top of A2 which does have security implications, I'm
> > hoping it might be possible that folks might be willing to share how
> > they store blocked remote addresses. For instance, are relational
> > datastores and other such objects typically required at the enterprise
> > level to store blocked addresses? Or is a plaintext file suitable from
> > an efficiency standpoint?
> >
> > Best,
> > Will F
>
> I find it easiest to implement blocks at the border firewall especially
> if I'm implementing a stored list of known attack IP addresses. At the
> border firewall I can easily block a set of IP addresses from the WAN to
> all my resources... httpd and others.
>
> Within Apache there are a variety of examples of what you can do at:
> https://httpd.apache.org/docs/2.4/howto/access.html
>
> I'm sure others can add to this advice from their own experiences.
>
> Jim
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

--
Marc Serra
Organització i Sistemes

--












Manxa 1876, S.L.
Ctra. Les Tries,
85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com
<https://www.manxa.com>*
_ *Manxa Industrial
<https://www.manxaindustrial.com>*
_ *Manxa Ferros
<https://www.manxaferros.com>*
_ *Manxa Ferreteria i Parament de la Llar
<https://www.manxabricolatge.com>*___







--

Manxa
1876, S.L. *
Ctra.
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí
<http://www.manxaindustrial.com>



* Manxa Ferros | *Coneix
més aquí
<http://www.manxaferros.com/>



* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí <https://www.manxabricolatge.com>


**

--


El contingut d’aquest correu electrònic i els seus annexos és
estrictament confidencial. En el cas que no siguis el destinatari i hagis
rebut aquest missatge per error, preguem que ho comuniquis al remitent i
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido
de este correo electrónico y sus anexos es estrictamente confidencial. En
el caso de que no seas el destinatario y hayas recibido este mensaje por
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es
necesario.

The content of this email and its attachments is strictly
confidential. If you are not the recipient and you have received this
message by mistake, please notify the sender and proceed to its
elimination, without spreading, storing or copying its content. Print this
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes
est strictement confidentiel. Dans le cas où vous n'êtes pas le
destinataire et avez reçu ce message par erreur, veuillez en informer
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier
son contenu. Imprimez cet e-mail uniquement si nécessaire.