Security :: Block Particular Web Site Form Multiple Hosted Server And Allow Others?
Aug 17, 2010
I am having a web server (apache) and 3 sites are hosted in it, named as www.web1.com,www.web2.com and www.web3.com.
I need to restrict www.web2.com to Internet users and allow only to local network. At same time I need to allow www.web1.com and www.web3.com to both Internet and LAN users.
Normally, on my website, files are either handled by WordPress or by me doing FTP. I'd like to copy my entire site to a new folder. I don't want to copy it down to my local drive (with wget) and then just upload it. How close is this to the line I'd need (except near midnight)
mv -r fromfolder \%todaysdate%
I've played with Unix and Linux for a few days over the years, but I'm a Windows (and DOS-prompt) guy. So, I don't know how to get to the server's command prompt on my 1and1-hosted site.
My question is how to block a subdomain of a site. To make it as clear as possible, I'll give an example. I am regularly entering this arbitrary site [URL] which redirects me to this page [URL] and this index.html takes an image from a subdomain which is a subfolder of itself, that is: [URL]. What I am asking is blocking the images to be taken, but not the main page itself, i.e. to block www.somesite.abc/images/ without blocking the overall www.somesite.abc.
My idea was to use the /etc/hosts file by redirecting to loopback address: Code: 127.0.0.1 www.somesite.abc/images But it looks as if it doesn't affect things at all. Should I use it another way? Modifying /etc/hosts.deny maybe useful?
I have installed proxy server on ubuntu.I have done every process which is needed to establish proxy server.internet is also working fine through proxy but the sites which needs to be blocked it is not blocking.it is opening.I have made entry of sites which i needed to be blocked in block_dstdomain file in proxy
I am running a ubuntu server 10.10 with SSH, and OpenVPN. I use it mainly for the VPN, but I have seen log in attempts such as:
Mar 22 14:52:53 UbuntuSvr sshd: Invalid user support from 126.96.36.199 Mar 22 14:52:55 UbuntuSvr sshd: Invalid user student from 188.8.131.52 Mar 22 14:52:57 UbuntuSvr sshd: Invalid user transfer from 184.108.40.206 Mar 22 14:52:59 UbuntuSvr sshd: Invalid user user from 220.127.116.11
Is it possible to make it so when some one has tried logging in 5 times with an invalid user/pass that the ip is banned for 10 minutes? I have password auth set to no and am using keys.
Ubuntu 10.x servervsftp mysqlwebmin Apache2I am running the Ubuntu server on the same 192.169.x.x subnet as the PC I am using to test vsftp and webmin and Apache.I can connect to the Apache web site hosted on the Ubuntu server but I cannot connect to any other service -- i.e. port 21 or port 10000 or 3306.Netstat shows:
I have suspicious requests in my haproxy logs from multiple sources to the same target. I could deny them in /etc/hosts.deny, but there are too many to keep track of. Is there a way to deny all requests to a specific target either in haproxy or through iptables?
Here's an example of the request: Apr 12 15:11:37 127.0.0.1 haproxy: 18.104.22.168:27072 [12/Apr/2011:15:11:37.315] web_servers frontend_farm/######## 3/0/1/1/169 404 1073 - - --NI 3/3/2/1/0 0/0 "GET /images/comment_icon.gif HTTP/1.1"
I've commented out my amazon instance id for security purposes. The request is for comment_icon.gif which does not exist. All requests go to that. The source IPs are from different countries as well. Blocking a certain country won't work either. Basically, if there was a way to send all requests for comment_icon.gif to /dev/null or something it would work.
I run a small home server (Debian 4), which acts as my gateway to the internet (ie, firewall) and runs a web server, dhcp, dns, and acts as a file server to the rest of the machines on my home network. Now I know it's never a smart idea to have all those services running on the same machine that is acting as a firewall, but I don't fancy running multiple servers just for home use, as it's mainly allowing me to learn system administration.
I noticed a few days ago that my internet had become unbearably slow, to the point where I could sometimes not load web pages. I spent a while searching through log files on my gateway, to try and find out what was eating up all of my bandwidth. When I came to apache's access.log file, I was confronted with this:
Multiple requests to my server, for totally random websites. I didn't even know it was possible to make those types of queries to a webserver. The only thing that is on the web server is a browser based torrent client. I have only shown a small snippet of the log file, but there are around 90k lines to different web addresses, from many different IPs. What I want to know, is what is happening? :S Why is someone querying MY web server, for web sites totally unrelated to it? And most of all, how can I stop it. My initial was to try and use iptables to block multiple requests from the same ip within a certain time frame, which I think would work as the server shouldn't really get many queries from external networks.
I will be doing actual development and testing on the same machine as the server. It is a single user machine in the sense that I will be the only one working on the machine. There will be multiple hosted languages, specifically PHP and RoR while possibly expanding later. I'd like the setup to translate well to a production environment. With those 3 things in mind there are a couple of things I've had in the back of mind.Seeing as it's a single user machine I haven't been able to decide whether or not I should be working on things out of my home directory or if they should be located outside of it.I'm feeling that outside of a user directory would be better as it would translate better to a production environment, but I'm also not sure if that will come with any permission annoyances or concerns seeing as I'll be working on the same machine. Hosting multiple languages seems like it may be a bit quirky. With PHP I've found you're generally just dumping the project somewhere in the document root where as something like a Rails app you have the entire project and you only want the public directory in the document root.
I want to block a domain name in sendmail server. I added the domain name and "REJECT"in /etc/mail/access file. What has to be done for the changes to take effect? when i run make command in /etc/mail dir i get following error : make: Nothing to be done for `all'.
securing VNC connections by tunneling the connection over SSH. However, from the server perspective it will still allow an unsecured connections and you're relying on the client to setup up the SSH tunneling. Is there a way to configure the Linux server to now allow connection over an unsecured channel?
I am using Squid as a proxy server red hat Linux.I want to block some specific web sites like facebook,..... under squid .Please guide me that how can i do it and under which header should i write the script ?
I have a server and i think that my server is under Ddos attack. i see that server is not having much load and only few process runs but my site opens very slow. i executed the following command on my ssh:
We have 4 servers having rhel 5.2. We have several users logged in on one of them. We have nis server/client running on them and have common home area mounted on all of them. Now we want to disable/block the accounts of the users who have not accessed our servers in last 2 months from today.What logic should we apply to do so? We were checking stat of .bashrc of each user but is not correct logic. We are going to write shell script for the same. We dont want to do anything in users home area or their files.
How can I block access to a certain internet site using ufw? Let's say I want to block access to www.xxx.zzz (IP 22.214.171.124) to any program and user; using iptables I can do
sudo iptables -A OUTPUT -d 126.96.36.199 -j DROP how can I do that using ufw? if ufw can not do this, where should I put this rule to persist it over reboot, without interfering with ufw chains infrastructure?
Is it possible to setup apache to normally block an IP from accessing a site until that IP is in a database/file?More or less, I need a login system that another script can add/remove the IPs and the site can be accessed by only those IPs.
I am attempting to create a form in bash that would display multiple radio lists with an OK and cancel button on the bottom. I tried using the command line tool dialog, which is really nice. But it won't let me do multiple radio lists on the same form.
i compiled and install postfix, and i using relayhost that point to my ISP. but my "DNS server" is on the same server where is installed postfix. and there is running apache with vhosts so i have domain that hosted on same server and in zonefiles of my domain my MX records points to Google Apps, to google's MX servers. But when i try send E-mail via sendmail to email@example.com it not deliver mail to Google Apps totally, if i try to send to another E-mail everything fine it deliver it. so finally i done research this problem in Internet. And find that need to disable deliver mail to localhost(localdelivery)as i think postfix understand that the domain point to the same server where postfix have itself. and try to deliver mail local. but zonefile MX record even the domain on same server can point to another server outside. So i disabled localdelivery in postfix. and problem not fixed
When i starts it for the first time,my sites getting loaded fast when requested through browser,but slows down gradually. what could be the reason, my cpu load seems ok. Because i have another site hosted through apache in the same server and its getting loaded fast. so what could be the issue.
In the office there is a local network with samba+openldap PDC. The local domain name is company.net. The company desided to create a corporate Website on a remote hosting and desided that the site's domain should be company.net which is same as local network's domain name. So now it is not possible to reach that corporate website from within the company's local network because, as I guess, bind9 which is installed on above menioned PDC looks for company.net on a local webserver. Is there a possibility to let people from this local network browse the remote site?