[Solved] deny direct ip access to lighttpd
Added by suppost over 9 years ago
Some IP-scanning bots are trying to access the server by the IP address of the server, like this from the access log:
ip.address.of.bot ip.address.of.server - [date time] "GET /xytf/zxczx.php HTTP/1.1" 404 345 "-" "the user agent"
How can I deny this kind of access and allow only domain-name-based access to lighttpd?
Thank you
Replies (4)
RE: deny direct ip access to lighttpd - Added by nitrox over 9 years ago
$HTTP["host"] =~ "^(\A([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,6}\Z)| (\A([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}\Z)| (\A([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}\Z)| (\A([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}\Z)| (\A([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}\Z)| (\A([0-9a-f]{1,4}:){1,6}(:[0-9a-f]{1,4}){1,1}\Z)| (\A(([0-9a-f]{1,4}:){1,7}|:):\Z)| (\A:(:[0-9a-f]{1,4}){1,7}\Z)| (\A((([0-9a-f]{1,4}:){6})(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})\Z)| (\A(([0-9a-f]{1,4}:){5}[0-9a-f]{1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})\Z)| (\A([0-9a-f]{1,4}:){5}:[0-9a-f]{1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\Z)| (\A([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\Z)| (\A([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,3}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\Z)| (\A([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,2}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\Z)| (\A([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,1}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\Z)| (\A(([0-9a-f]{1,4}:){1,5}|:):(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\Z)| (\A:(:[0-9a-f]{1,4}){1,5}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}\Z)$" { url.access-deny = ( "" ) }
RE: [Solved] deny direct ip access to lighttpd - Added by gstrauss about 7 years ago
Alternatively, name your vhosts in the match and deny everything else.
RE: [Solved] deny direct ip access to lighttpd - Added by MapHtH over 4 years ago
Sorry to resurrect this, but when I copy nitrox's config into mine, lighttpd won't start and it says that there's an error:
Starting lighttpd
2019-10-18 20:38:28: (configfile.c.1309) source: getsimple.conf line: 11 pos: 3 parser failed somehow near here: (EOL)
And I also want to block IP access.
Thanks
RE: [Solved] deny direct ip access to lighttpd - Added by gstrauss over 4 years ago
Please see the alternative in my comment above. This regex is absurd. If you want lighttpd to read it, put the '{' on the same line after the final '"' of the regex string, and then fix the error message that lighttpd gives you for having too many captures in the regex.
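The alternative gstrauss describes (name the vhosts in the match and deny everything else), written out as an added example that is not part of the original thread. The hostnames example.com, www.example.com and static.example.org are placeholders, and mod_access is assumed to be loaded.

```lighttpd
# Added example, not from the thread.
# Placeholder vhost names (assumptions): example.com, www.example.com,
# static.example.org. Replace them with the names you actually serve.
#
# url.access-deny is provided by mod_access, so "mod_access" must be
# listed in server.modules.

# Allowlist approach: instead of trying to recognise every form of IP
# literal, match the known vhost names and deny whatever does NOT match.
# - !~ is the negated regex match.
# - (:[0-9]+)? accepts an optional port suffix such as "example.com:8080".
# - The '{' sits on the same line as the closing '"' of the regex string.
$HTTP["host"] !~ "^(example\.com|www\.example\.com|static\.example\.org)(:[0-9]+)?$" {
    # The empty string matches every URL, so any request whose Host is a
    # bare IPv4 address, an IPv6 literal or an unknown name gets 403.
    url.access-deny = ( "" )
}
```

Check the syntax with `lighttpd -tt -f <your config file>` before restarting. Requests that use the server's IP address as the Host should then return 403 instead of reaching the document root, while the named vhosts are served as before.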