I need to make a script in which I want to block an ip when its access on a web server exceeds than certain number e.g., 5000 for a particular time period, let's say for 6 hours or 12. If any ip exceeds that limit, it should automatically be blocked. I also want to run this script on regular intervals in 24 hours for atleast 2 times.
View 2 Replies
I have one hard disk (call her HDA) that contains nothing but a single ext4 partition containing a backup of all my important data. Last night I did a clean install of Ubuntu 10.10 on my primary hard disk (call her HDB) and from there proceeded to upgrade directly to Ubuntu 11.04 upgrade. In 10.10, I was able to read HDA just fine. However after the upgrade, I can no longer mount this drive. When mounting from file browser:
Code:
Error mounting: mount: wrong fs type, bad option, bad superblock on /dev/sda,missing codepage or helper program, or other error In some cases useful info is found in syslog - try dmesg | tail or so The end of dmesg said the following:
Code:
dmesg | tail
[ 82.130904] EXT4-fs (sda): bad geometry: block count 122096646 exceeds size of device (122096381 blocks)
my hard disk has a block count greater than the size of my device. I've done my background searching on this and tried a command line utility I've never heard of before:
Code:
# sudo e2fsck /dev/sda
e2fsck 1.41.14 (22-Dec-2010)
The filesystem size (according to the superblock) is 122096646 blocks
The physical size of the device is 122096381 blocks
[code]....
this is as far as I've gotten. This drive holds over a decade's worth of work for me and is extremely valuable. I really didn't think that the Ubuntu upgrade process would mess with this drive, seeing as the Ubuntu install was contained on an entirely different drive. What is it that I need to do to restore my drive to working status?
My server gets ddos attacks. I dig into access logs and I saw that attacker ips doesn't have valid requests headers, like their browser application info or requested url info.I want to close those connections immediately, and if it's possible block those ips for a time period.Can I do that with Apache and iptables?I searched on the internet but couldn't find useful results. Probably couldn't search for the right words.
View 2 Replies View RelatedI need to block all BitTorrent access on my machine, ie blovk users from using Bittorrent. Is there a port range I can block or some sort of protocol?
View 9 Replies View RelatedI am installing Big Brother on a CentOS 5.2 running the default Apache 2.2.3. When I try to access any web page I get the following error: Forbidden You don't have permission to access /bb/ on this server. Apache/2.2.3 (CentOS) Server at fmsubbnix Port 80 So far I have:
1) Set the Directory options to FollowSymLinks
2) Verified all directory and file permissions are at 755
3) Set permissions temporarily to 777 and received same error so I am assuming the issue is in a config file somewhere
4) in hhtpd.conf verified <Files ~ "^.ht"> is correct
5) verified the "default" directory is correct (/var/www/html)
I have read and tried several ideas in posts listed on the web but to no avail and am at a loss as to what to look for next..
I run my own home server using OpenSuse 11.1, everything is setup using apache, php, etc etc, and it all works perfect, but now I need to use my own email server for the use of Dolphin social networking software, so that when someone registers, the email server sends out registration confirmation emails, so I set up postfix, yeah right!!!, even though I followed all instructions to set postfix as a closed relay, a test done at mxtoolbox site still said it was an open relay, but while I was trying to set up postfix, my access to the server slowed down, and my servers drive light was constantly active,,, so when I look at the mail queue, I saw 4000+ emails, all from japan, (hinen.net), so I promptly shut down postfix and use postsuper -d ALL in the command console to delete the queue, but no matter how I try, I couldn't configure postfix as a closed relay,,, so I uninstalled it and installed sendmail, and using webmin, I could use a spam list and block the domain, now, sendmail's test at mxtools show as a closed relay, I can't even send out a test email using smtp auth, but disabling auth, I can, but now my IP is blocked at spam cop, and spamhaus,,, gmail server say my IP is not authorized to send to their servers, but to use my ISP relay instead,,, but my ISP doesn't have a relay,,hence the need to run my own email server.
My home server uses double layer firewall, a hardware firewall between the internet and the server, and a software firewall on the server, and I only allow the ports I need, IE, 80 = http, 443 = https, 20/21 = ftp, 25 = smtp, 110 = pop3. and that's all, but any other internal access from my workstation to the server, using ssh, I only open the ports on the server firewall. If someone here has a great deal of knowledge on sendmail, and can set up a an M4 (linux.mc) config file for me, it would be much appreciated. What I would like my email server to do, is to only allow the sending of emails from inside it's own server system,, ie, when a php script sends an email to the server, then the email server would let it through, but anything else, outside the local network is ignored.
in my network, users has total access to their PCs, so theres a problem to filter (URL, ports,etc.) their virtual machines installed (they can assign self any IP, e.g.)
Id thought about use the MAC prefix in VMware VMs (00:0c:29:*), but i can only found a way through DHCP, and this isn't a good solution (they can assign a static IP to workaround...)
It will be better using firewall (iptables), but I don't found the way to add rules based in MACs with wildcards.
i was tasked to setup a proxy server to block access to some websites. i'm using centOS 5 and Squid 7:2.6 STABLE21-6.e15...i appended the following and tested the configuration with the supposed server i am using and the it does seem to work but now i'm wondering how i can test it with a client computer..i have 2 LAN cards and i just connected the other to one PC (can a direct connection work or does it need to pass thru a switch or hub)...i just can't figure out how it should be... how do i configure the 2nd LAN card to use this computer as its proxy server?
View 8 Replies View RelatedI want to filter and block failed attempt to access my proftp server. Here are few line from the /var/log/secure file:Quote:
Jan 2 18:38:25 server1 proftpd[17847]: server1.XYZ.com (93.218.93.95[93.218.93.95]) - Maximum login attempts (3) exceeded
Jan 2 18:38:27 server1 proftpd[17864]: server1.XYZ.com (93.218.93.95[93.218.93.95]) -
[code]....
I installed Apache server with Debian 5.0.2 Lenny. I am trying to write a script which would analysis web log files. I found the log files on /var/log/apache2. There is an access log file, `access.log`. My question is what configuration file determines the location and the name of the access log file. How can I change them? I used CustomLog in /etc/apache2/apache2.conf like below.LogFormat ": %h %l %u %t "%r" %>s %b" common
CustomLog /home/test/my_log_file common Apache2 generated /home/test/my_log_file. But no logs were written in the file even after I run `/etc/init.d/apache2 restart`. Ichanged the log file location. It still didn't work. However, Apache2 still wrote logs in the file `/var/log/apache2/access.log`
I'm having a problem when I try to connect to my apache2 server from any client in my network using the .local address with the firewall on. I opened the port 5353 UDP but I still can't connect. The only way I can connect is disabling the firewall which I don't like to do on the server. What I'm doing wrong?
View 9 Replies View Relatedi have already configured a domain in my server. now i have configured multiple local ip addresses,can i configure a domain for each local ip address. is it possible. if possible how can i access the web page through apache.Because already i am accessing the web page for a pre-configured domain from the path /var/www. if i able to create new domain.From where the apache fetches that index.html file, when requested through browser.
View 5 Replies View RelatedI have a fresh fedora 13 install, I managed to browse and setup my phpadmin.....and browse everthing locally. I can not browse the web site from any other machine in my network. All my machines get their IPs from my dhcp (192.168.1.0).I googled and read a thread in this forum, I understood it might be due to SELINUX. I disabled it, rebooted, still have the same behavior, browse my apache locally but not from other machines. I did a telnet from one of my machines using the IP as followstelnet 192.168.1.11 80got the following onnecting To 192.168.1.11...Could not open connection to the host, on port 80: Connect failed.I checked error-log and access_log file, found no hint. I think it should be something related to some fedora systemor firewall or selinux config that is not allowing access to it.
View 4 Replies View RelatedI am looking for the best way to set up permissions in the following situation. I have a web server set up on debian. I have different web sites in /var/www. Each web has a group of developers who each have system users and ssh access to the server. For example i have a web site in /var/www/example.com and a group of developers in group exampledev. I need all the users in exampledev plus the apache user (www-data) to have read write and execute permissions on all the content of the web site. I can give the group exampledev these permissions without a problem. The problem is that when they modify or create new files (they either connect via ssh o sftp which is the same right?) they are created with their user and group rather than exampledev. Am i going down the wrong path? This must be a common situation but i haven't found the solution.
View 5 Replies View RelatedWe have Apache installed on CentOS 5.3 in our laboratory. Indeed the server is running fine for almost two years since it is actually the first CentOS 5 that was released just regularly updated. Now, most of our applications are custom made PHP applications and until now we somehow managed to avoid using PHP to fetch files that are on the internet itself. But now we are desperate because we need to allow PHP to fetch files through Apache but it seems as if Apache is not allowed to make a connection to the outer world. Additionally we use a proxy server to connect to the outer world so right at the beginning http_proxy is used to set that environmental variable. And for the root user it all works fine after that but it seems as if the apache user is not allowed to access the internet. Just to make a remark our web server can be accessed from the outer world so its a one way street for now.
View 1 Replies View RelatedI have installed Apache on Centos, had no issues during setup, httpd seems to be running but I can't access my slice through [url]. It looks like Apache has some issues or something?
View 2 Replies View RelatedIm trying to config my intranet to be accessible from inside the network (lan) without need of password and ask for a passwd for those who are viewing from Wan ....
Today my intranet can only be accessed from Lan, external access give me an Unauthorized message, I took look around, try #irc and still can get the appropriated help, I hope that someone here could help me on that...
A piece of my config:
Code:
I was unable to access my dedicated server for few minutes. I have checked the apache error logs and found below notice:
[notice] caught SIGTERM, shutting down
I have tried to search from Google but could not find much information about this error.
I'm trying to set up a small Intranet system to run OpenERP or similar using browser-based clients. I have an Ubuntu machine running 10.04 desktop edition to act as a temporary/testing server until we set up a proper, dedicated machine with 10.04 server edition. I have installed Apache2 from the repos and it is up and running fine - locally. That is the problem, I can't access the server from other machines on the LAN. Ping works, btw. So I've been reading tutorials and howtos for the past week, but for the life of me, I can't find what I'm doing wrong. The standard Apache setup seems to be made to "just work", so although I've looked at the various configuration files mentioned in the tutorials, I haven't actually changed anything.
View 9 Replies View RelatedI set up my first web server and it works flawlessly -when accessed from external network or from other computers on my lan. However, I cannot access it from the computer where the server is run on. I have found numerous people with similar problems but the flavour I am experiencing is somewhat different and no solutions I have found apply to it.
I have two network interfaces on my server, eth0 (public static IP connected to internet directly) and eth1 connected to LAN 192.168.1.0/24 range. The server is 192.168.1.1. It is connected directly to the internet and serves as a SNAT for other comps on the lan.I added "192.168.1.1 www_server_com" to the /etc/hosts on the server and also on the other machines on the LAN. All the other machines can open website without any problem.HOwever, the server itself only opens website if the address islhost. Internal IP, i.e. 192.168.1.1. gets a time out and so does www_server_com ( I cant use dots as I do not have more than 15 posts on the forum )Here is the firewall script I am using.
#!/bin/sh
#
# Example Firewall Script
[code]...
I am trying to set up an ampache server using apache as the webserver. The instructions have the following line as one of the requirments: Your webserver has read access to the /sql/ampache.sql file and the /config/ampache.cfg.php.dist file..I have essentially zero experience with apache, and I'm not sure how to grant read access to a file.
View 1 Replies View RelatedI've created a application,i tried to deploy in JBoss application server..that application working fine.so i tried to run my allication in apache web server,i have done some configuration in apache & installed apache-tomcat connector also..its working fine.but i will try access next page its showing error.
View 1 Replies View RelatedIn CGI scripts, there are certain files that are getting "permission denied" when it seems they should be accessible by the apache user. I am running the default package install of apache under fedora. Here is an example:The following is /var/www/cgi-bin/test.pl
Code:
#!/usr/bin/perl
use strict;
[code]...
To automatically upgrade i need to connect to a FTP server. Now do i have to allow wordpress access via apache to the machine it is on or do i have to create a ftp server on another machine with the files on it?
View 2 Replies View RelatedI have no idea what is going on here and this is the second time it has done this but. I just installed Lucid Lynx Desktop Edition for my Server. I have installed apache php5 mysql binarys. I have 3 ips on the machine 10.0.1.30, 10.0.1.37, 10.0.1.38. .30 is the main ip 10/100 the rest are 10,100,1000 ports. I can only access Apache 2.2 over .37 or .38 but not .30
I have not used Ubuntu alot but I am starting to and this really pisses me off since all my computer have aliases to the machine through .30
I am a newbie to linux of 4 weeks. I set up my first web server and it works flawlessly - when accessed from external network or from other computers on my lan. However, I cannot access it from the computer where the server is run on. I have found numerous people with similar problems but the flavour I am experiencing is somewhat different and no solutions I have found apply to it.I have two network interfaces on my server, eth0 (public static IP connected to internet) and eth1 connected to LAN 192.168.1.0/24 range. The server is 192.168.1.1
I added "192.168.1.1 www.server.com" to the /etc/hosts on the server and also on the other machines on the LAN. All the other machines can open website without any problem.
HOwever, the server itself only opens website if the address is localhost. Internal IP, i.e. 192.168.1.1. gets a time out and so does www.server.com.I do not understand why the record in etc/hosts doesn't point it in the right direction. It seems that when I open address 192.168.1.1 it still gets routed to the external network. I have seen using DNAT to deal with the problem but it didn't work in my case (maybe I didn't do it correctly). I have spent whole evening/night trying to sort it out, it's 4AM now, going to bed frustrated and angry (at myself hahaha). Still like linux very much, won't be going to windows anymore. Please help
I have an access database and I would like to build a website on the slackware 12.2 server running apache 2.11.14 to let users query data from the MS Access database. I am thinking that I could just do it in jscript and make a jdbc connection and that should be good. What do you guys think.
View 2 Replies View RelatedI'm not sure is this is possible or not, but what I would like to do is take my public address mydomain.com and configure a virtual host something.mydomain.com only instead of having the content on the same server I would like it to point to the IP of my virtual machine that is in my private network and display that page publicly. Does anyone know if this is possible, or how to do it? I have done this with port forwards, but would like them both to be on the same port.
View 3 Replies View RelatedI'm trying to setup an Apache webserver on my computer in order to practice HTML5/CSS3 for an upcoming competition I'm in. I'm able to access my site from inside my network, but I cannot outside my network. I've had several people try, and they all report that the server just times out. I'm running Ubuntu 10.04 and Apache 2.2.17
My site is at [URL]
Here is the output of ifconfig
Code:
eth0 Link encap:Ethernet HWaddr 00:26:22:50:0f:0a
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
[Code]....
I don't mind that apache logs "rotate". By that, I mean that periodically the most recent log is renamed "*.1" and the older logs are bumped up a number In my particular situation, I do mind that the log that was "*.4" is deleted rather than being renamed to "*.5" when that periodic renaming happens.
I know most of the other /var/log files have the same behavior. What does this? Can I change it so my apache logs are "rotated" up but aren't deleted? I know this will take some hard drive space, but I have a lot of it.
EDIT: CentOS 5.3, kernel 2.6.18-128.1.6.el5, Apache 2.2.3
