The script wp-spamreport.php (as a download here in my git) reports at any time the spam comments of the last 48 hours to blocklist.de. It does not matter when a comment was marked as spam (manually or automatically by example Antispam Bee), but only that the comments are posted in […]
The solution from Block outdated clients won´t work with syslog-ng 3.4.2, because syslog-ng syslog-ng uses “lseek()” to get the end of /proc/net/xt_recent/something while the program() destination just starts the program. Withe the destination file you get log-entries like: Aug 29 00:00:44 mx03.schaal-24.de syslog-ng[20351]: Error suspend timeout has elapsed, attempting to […]
Here is the addition to fail2ban mit xt_recent. Fail2ban can ban ip only until the server restarts. I therefore add the bans not only in the firewall, but store them also into a mysql database. Basics I´ve created the database systemlog which containing two tables – one for the configs […]
To redirect traffic from one port, you can either use iptables PREROUTING or – if need be only tcp – also rinted. Rinetd has the advantage that the setup is simpler. You only have to adjust the settings in /etc/rinetd.conf. To redirect. http and https: #source port destination port 176.9.24.113 […]
my english version Durch mod_cband lässt sich die verfügbare Bandbreite von Apache nach verschiedenen Kriterien drosseln. Das Modul kann von http://cband.linux.pl/download/ oder auch von http://sourceforge.net/projects/cband/ heruntergeladen werden. Zum Installieren reicht wie üblich ./configure make make install Voraussetzung ist aber das APache eXtenSion tool. Die meisten Distributionen bieten mod_cband aber auch […]
Fail2ban an sich is a very handy tool to keep out potential attacking. But it is sometimes unhandly when you just want to unlock a specific ip. I had almost forgotten about the issue until I have to get a comment. 😉 I am now writing the recent entries in […]
There can be problems with the destination file. A solution can be found in the post handle xt_recent from syslog-ng. Due to numerous connects of outdated clients on my clamav-mirror (> 300,000 / day), i add single IP temporarily to the firewall. Requirements: Apache HTTP-Server syslog-ng iptables Configure Apache HTTP-Server The Access […]