Clicky

Hospedado por Limestone Networks

Jump to content
  • Sign Up

Sign in to follow this  
soh

Dominio sem acesso direto no ip

Recommended Posts

Olá a todos,

Tenho uma VPS na DO, e eu queria saber se existe a possibilidade de bloquear acesso direto pelo ip da máquina.

Ex:

Se digitassem 200.200.200.200 na url, ele nem aparecia nada, daria como inexistente, nem requisição na vps faria.

Acessassem apenas pelo dominio mesmo, exemplo(dot)com.

 

Pergunto isso porque recebo milhares de requisições direto no meu ip, e isso ta fazendo minha vps cair sempre, vejam:
 

[Sat Sep 02 05:47:38 2017] [error] [client 66.240.205.34] client denied by server configuration: /usr/local/apps/apache/www/error/noindex.html
[Sat Sep 02 05:47:38 2017] [error] [client 66.240.205.34] client denied by server configuration: /usr/local/apps/apache/www/
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmanager
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2018
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2017
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2016
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2015
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmanager
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2014
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2018
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2013
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2017
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2012
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2016
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2011
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2015
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2018
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2014
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2017
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2013
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2016
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2012
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2015
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2011
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2014
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2018
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2013
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2017
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2012
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2016
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2011
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2015
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2018
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2014
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2017
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2013
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2016
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2012
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2015
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2011
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2014
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2018
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2013
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2017

Acredito que seja algum tipo de ataque ddos, mas se o acesso fosse direto no dominio eu teria como barrar com htaccess.

Realmente nao sei o que fazer, poderiam me dar uma luz?

Share this post


Link to post
Share on other sites

Isso não tem muita cara de DDoS não, tem cara de bruteforce/scan em busca de algo.

O que pode fazer é bloquear a origem em seu firewall, na grande maioria das vezes já resolve.


OwnServer | Soluções Corporativas & Gerenciamento de Servidores | www.ownserver.com.br

Share this post


Link to post
Share on other sites
7 horas atrás, owsbr disse:

Isso não tem muita cara de DDoS não, tem cara de bruteforce/scan em busca de algo.

O que pode fazer é bloquear a origem em seu firewall, na grande maioria das vezes já resolve.

Eu tento bloquear com o firewall, mas pra cada IP que eu bloqueio aparece mais 10 diferentes, isso o dia inteiro, 24/7...

Isso que eu coloquei é só algumas linhas do log, eu tenho que excluir o log a cada 6 horas pq se não ele fica ilegível.

Existe alguma outra forma de bloquear isso, sem ser bloqueando o IP que está scaneando?

Share this post


Link to post
Share on other sites
1 hora atrás, soh disse:

Eu tento bloquear com o firewall, mas pra cada IP que eu bloqueio aparece mais 10 diferentes, isso o dia inteiro, 24/7...

Isso que eu coloquei é só algumas linhas do log, eu tenho que excluir o log a cada 6 horas pq se não ele fica ilegível.

Existe alguma outra forma de bloquear isso, sem ser bloqueando o IP que está scaneando?

Se seu site é para um país em específico você pode bloquear alguns países que não deseja receber acesso.

Share this post


Link to post
Share on other sites
5 horas atrás, MarksEliel disse:

Se seu site é para um país em específico você pode bloquear alguns países que não deseja receber acesso.

Não é para um país específico. Mas esses "bruteforce" vem de vários IP's destintos.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.



×
×
  • Create New...