Clicky

Hospedado por Limestone Networks

Jump to content
  • Sign Up

Sign in to follow this  
Followers 0
soh

Dominio sem acesso direto no ip

By soh, in Domains & DNS

Recommended Posts

soh   

soh
Posted

Olá a todos,

Tenho uma VPS na DO, e eu queria saber se existe a possibilidade de bloquear acesso direto pelo ip da máquina.

Ex:

Se digitassem 200.200.200.200 na url, ele nem aparecia nada, daria como inexistente, nem requisição na vps faria.

Acessassem apenas pelo dominio mesmo, exemplo(dot)com.

 

Pergunto isso porque recebo milhares de requisições direto no meu ip, e isso ta fazendo minha vps cair sempre, vejam:
  

[Sat Sep 02 05:47:38 2017] [error] [client 66.240.205.34] client denied by server configuration: /usr/local/apps/apache/www/error/noindex.html
[Sat Sep 02 05:47:38 2017] [error] [client 66.240.205.34] client denied by server configuration: /usr/local/apps/apache/www/
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmanager
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2018
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2017
[Sat Sep 02 05:03:03 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2016
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2015
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmanager
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2014
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2018
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2013
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2017
[Sat Sep 02 05:03:02 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2012
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2016
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2011
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2015
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2018
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2014
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2017
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2013
[Sat Sep 02 05:03:01 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2016
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2012
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2015
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/phpmyadmin2011
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2014
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2018
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2013
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2017
[Sat Sep 02 05:03:00 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2012
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2016
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2011
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2015
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2018
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2014
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2017
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2013
[Sat Sep 02 05:02:59 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2016
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2012
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2015
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/pma2011
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2014
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2018
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2013
[Sat Sep 02 05:02:58 2017] [error] [client 176.192.188.192] client denied by server configuration: /usr/local/apps/apache/www/PMA2017

Acredito que seja algum tipo de ataque ddos, mas se o acesso fosse direto no dominio eu teria como barrar com htaccess.

Realmente nao sei o que fazer, poderiam me dar uma luz?

Share this post

Link to post
Share on other sites

owsbr   

owsbr
Posted

Isso não tem muita cara de DDoS não, tem cara de bruteforce/scan em busca de algo.

O que pode fazer é bloquear a origem em seu firewall, na grande maioria das vezes já resolve.

OwnServer | Soluções Corporativas & Gerenciamento de Servidores | www.ownserver.com.br

Share this post

Link to post
Share on other sites

soh
  • Autor do tópico
    •   

    soh
    Posted
    7 horas atrás, owsbr disse:

    Isso não tem muita cara de DDoS não, tem cara de bruteforce/scan em busca de algo.

    O que pode fazer é bloquear a origem em seu firewall, na grande maioria das vezes já resolve.

    Eu tento bloquear com o firewall, mas pra cada IP que eu bloqueio aparece mais 10 diferentes, isso o dia inteiro, 24/7...

    Isso que eu coloquei é só algumas linhas do log, eu tenho que excluir o log a cada 6 horas pq se não ele fica ilegível.

    Existe alguma outra forma de bloquear isso, sem ser bloqueando o IP que está scaneando?

    Share this post

    Link to post
    Share on other sites

    MarksEliel   

    MarksEliel
    Posted
    1 hora atrás, soh disse:

    Eu tento bloquear com o firewall, mas pra cada IP que eu bloqueio aparece mais 10 diferentes, isso o dia inteiro, 24/7...

    Isso que eu coloquei é só algumas linhas do log, eu tenho que excluir o log a cada 6 horas pq se não ele fica ilegível.

    Existe alguma outra forma de bloquear isso, sem ser bloqueando o IP que está scaneando?

    Se seu site é para um país em específico você pode bloquear alguns países que não deseja receber acesso.

    Share this post

    Link to post
    Share on other sites

    soh
  • Autor do tópico
    •   

    soh
    Posted
    5 horas atrás, MarksEliel disse:

    Se seu site é para um país em específico você pode bloquear alguns países que não deseja receber acesso.

    Não é para um país específico. Mas esses "bruteforce" vem de vários IP's destintos.

    Share this post

    Link to post
    Share on other sites

    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.

    Guest
    Reply to this topic...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×
    Sign in to follow this  
    Followers 0
    Go To Topic Listing

    • Recently Browsing   0 members

      No registered users viewing this page.



    ×
    ×
    • Create New...